Paper 2024/1525

Evaluating Leakage Attacks Against Relational Encrypted Search

Patrick Ehrler, Technical University of Darmstadt
Abdelkarim Kati, University of Waterloo
Thomas Schneider, Technical University of Darmstadt
Amos Treiber, Technical University of Darmstadt
Abstract

Encrypted Search Algorithms (ESAs) are a technique to encrypt data while the user can still search over it. ESAs can protect privacy and ensure security of sensitive data stored on a remote storage. Originally, ESAs were used in the context of documents that consist of keywords. The user encrypts the documents, sends them to a remote server and is still able to search for keywords, without exposing information about the plaintext. The idea of ESAs has also been applied to relational databases, where queries (similar to SQL statements) can be privately executed on an encrypted database.But just as traditional schemes for Keyword-ESAs, also Relational-ESAs have the drawback of exposing some information, called leakage. Leakage attacks have been proposed in the literature that use this information together with auxiliary information to learn details about the plaintext. However, these leakage attacks have overwhelmingly been designed for and applied to Keyword-ESAs and not Relational-ESAs. In this work, we review the suitability of major leakage attacks against ESAs in the relational setting by adapting them accordingly. We perform extensive re-evaluations of the attacks on various relational datasets with different properties. Our evaluations show that major attacks can work against Relational-ESAs in the known-data setting. However, the attack performance differs between datasets, exploited patterns, and attacks.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. 2024 Cloud Computing Security Workshop (CCSW ’24)
DOI
10.1145/3689938.3694776
Keywords
Encrypted SearchCryptanalysisLeakage Attacks
Contact author(s)
patrickehrler @ gmail com
akati @ uwaterloo ca
schneider @ encrypto cs tu-darmstadt de
treiber @ encrypto cs tu-darmstadt de
History
2024-09-30: approved
2024-09-28: received
See all versions
Short URL
https://ia.cr/2024/1525
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX

@misc{cryptoeprint:2024/1525,
      author = {Patrick Ehrler and Abdelkarim Kati and Thomas Schneider and Amos Treiber},
      title = {Evaluating Leakage Attacks Against Relational Encrypted Search},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1525},
      year = {2024},
      doi = {10.1145/3689938.3694776},
      url = {https://eprint.iacr.org/2024/1525}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.