Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption

Matthieu Giraud, Alexandre Anzala-Yamajako, Olivier Bernard, Pascal Lafourcade

2017

Abstract

Symmetric Searchable Encryption (SSE) schemes solve efficiently the problem of securely outsourcing client data with search functionality. These schemes are provably secure with respect to an explicit leakage profile; however, determining how much information can be inferred in practice from this leakage remains difficult. First, we recall the leakage hierarchy introduced in 2015 by Cash et al. Second, we present complete practical attacks on SSE schemes of L4, L3 and L2 leakage profiles which are deployed in commercial cloud solutions. Our attacks are passive and only assume the knowledge of a small sample of plaintexts. Moreover, we show their devastating effect on real-world data sets since, regardless of the leakage profile, an adversary knowing a mere 1% of the document set is able to retrieve 90% of documents whose content is revealed over 70%. Then, we further extend the analysis of existing attacks to highlight the gap of security that exists between L2- and L1-SSE and give some simple countermeasures to prevent our attacks.

Download


Paper Citation


in Harvard Style

Giraud M., Anzala-Yamajako A., Bernard O. and Lafourcade P. (2017). Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption . In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017) ISBN 978-989-758-259-2, pages 200-211. DOI: 10.5220/0006461202000211


in Bibtex Style

@conference{secrypt17,
author={Matthieu Giraud and Alexandre Anzala-Yamajako and Olivier Bernard and Pascal Lafourcade},
title={Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)},
year={2017},
pages={200-211},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006461202000211},
isbn={978-989-758-259-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
TI - Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption
SN - 978-989-758-259-2
AU - Giraud M.
AU - Anzala-Yamajako A.
AU - Bernard O.
AU - Lafourcade P.
PY - 2017
SP - 200
EP - 211
DO - 10.5220/0006461202000211