Paper 2023/166

Hermes: I/O-Efficient Forward-Secure Searchable Symmetric Encryption

Brice Minaud, French Institute for Research in Computer Science and Automation, École Normale Supérieure - PSL, French National Centre for Scientific Research, PSL Research University
Michael Reichle, French Institute for Research in Computer Science and Automation, École Normale Supérieure - PSL, French National Centre for Scientific Research, PSL Research University
Abstract

Dynamic Symmetric Searchable Encryption (SSE) enables a user to outsource the storage of an encrypted database to an untrusted server, while retaining the ability to privately search and update the outsourced database. The performance bottleneck of SSE schemes typically comes from their I/O efficiency. Over the last few years, a line of work has substantially improved that bottleneck. However, all existing I/O-efficient SSE schemes have a common limitation: they are not forward-secure. Since the seminal work of Bost at CCS 2016, forward security has become a de facto standard in SSE. In the same article, Bost conjectures that forward security and I/O efficiency are incompatible. This explains the current status quo, where users are forced to make a difficult choice between security and efficiency. The central contribution of this paper it to show that, contrary to what the status quo suggests, forward security and I/O efficiency can be realized simultaneously. This result is enabled by two new key techniques. First, we make use of a controlled amount of client buffering, combined with a deterministic update schedule. Second, we introduce the notion of SSE supporting dummy updates. In combination, those two techniques offer a new path to realizing forward security, which is compatible with I/O efficiency. Our new SSE scheme, Hermes, achieves sublogarithmic I/O efficiency $O(\log\log \frac{N}{p})$, storage efficiency $O(1)$, with standard leakage, as well as backward and forward security. Practical experiments confirm that Hermes achieves excellent performance.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
SSESearchable Symmetric EncryptionPage EfficiencyI/O Efficiency
Contact author(s)
brice minaud @ ens fr
michael reichle @ ens fr
History
2023-02-15: approved
2023-02-10: received
See all versions
Short URL
https://ia.cr/2023/166
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/166,
      author = {Brice Minaud and Michael Reichle},
      title = {Hermes: I/O-Efficient Forward-Secure Searchable Symmetric Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/166},
      year = {2023},
      url = {https://eprint.iacr.org/2023/166}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.