Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption

Matthieu Giraud; Alexandre Anzala-Yamajako; Olivier Bernard; Pascal Lafourcade

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption

Topics: Database Security and Privacy; Security and Privacy in the Cloud

In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 0ICETE, 200-211, 2017 , Madrid, Spain

Authors: Matthieu Giraud ¹ ; Alexandre Anzala-Yamajako ² ; Olivier Bernard ² and Pascal Lafourcade ¹

Affiliations: ¹ Université Clermont Auvergne, France ; ² Thales Communications and Security, France

Keyword(s): Symmetric Searchable Encryption, Leakage, Passive Attacks.

Related Ontology Subjects/Areas/Topics: Database Security and Privacy ; Information and Systems Security ; Security and Privacy in the Cloud ; Security in Information Systems

Abstract: Symmetric Searchable Encryption (SSE) schemes solve efficiently the problem of securely outsourcing client data with search functionality. These schemes are provably secure with respect to an explicit leakage profile; however, determining how much information can be inferred in practice from this leakage remains difficult. First, we recall the leakage hierarchy introduced in 2015 by Cash et al. Second, we present complete practical attacks on SSE schemes of L4, L3 and L2 leakage profiles which are deployed in commercial cloud solutions. Our attacks are passive and only assume the knowledge of a small sample of plaintexts. Moreover, we show their devastating effect on real-world data sets since, regardless of the leakage profile, an adversary knowing a mere 1% of the document set is able to retrieve 90% of documents whose content is revealed over 70%. Then, we further extend the analysis of existing attacks to highlight the gap of security that exists between L2- and L1-SSE and give s ome simple countermeasures to prevent our attacks. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.117.71.213

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Giraud, M.; Anzala-Yamajako, A.; Bernard, O. and Lafourcade, P. (2017). Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT; ISBN 978-989-758-259-2; ISSN 2184-3236, SciTePress, pages 200-211. DOI: 10.5220/0006461202000211

@conference{secrypt17,
author={Matthieu Giraud. and Alexandre Anzala{-}Yamajako. and Olivier Bernard. and Pascal Lafourcade.},
title={Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT},
year={2017},
pages={200-211},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006461202000211},
isbn={978-989-758-259-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT
TI - Practical Passive Leakage-abuse Attacks Against Symmetric Searchable Encryption
SN - 978-989-758-259-2
IS - 2184-3236
AU - Giraud, M.
AU - Anzala-Yamajako, A.
AU - Bernard, O.
AU - Lafourcade, P.
PY - 2017
SP - 200
EP - 211
DO - 10.5220/0006461202000211
PB - SciTePress