Breach-Resistant Structured Encryption

Open access


Motivated by the problem of data breaches, we formalize a notion of security for dynamic structured encryption (STE) schemes that guarantees security against a snapshot adversary; that is, an adversary that receives a copy of the encrypted structure at various times but does not see the transcripts related to any queries. In particular, we focus on the construction of dynamic encrypted multi-maps which are used to build efficient searchable symmetric encryption schemes, graph encryption schemes and encrypted relational databases. Interestingly, we show that a form of snapshot security we refer to as breach resistance implies previously-studied notions such as a (weaker version) of history independence and write-only obliviousness. Moreover, we initiate the study of dual-secure dynamic STE constructions: schemes that are forward-private against a persistent adversary and breach-resistant against a snapshot adversary. The notion of forward privacy guarantees that updates to the encrypted structure do not reveal their association to any query made in the past. As a concrete instantiation, we propose a new dual-secure dynamic multi-map encryption scheme that outperforms all existing constructions; including schemes that are not dual-secure. Our construction has query complexity that grows with the selectivity of the query and the number of deletes since the client executed a linear-time rebuild protocol which can be de-amortized. We implemented our scheme (with the de-amortized rebuild protocol) and evaluated its concrete efficiency empirically. Our experiments show that it is highly efficient with queries taking less than 1 microsecond per label/value pair.

[1] G. Asharov, M. Naor, G. Segev, and I. Shahaf. Searchable symmetric encryption: Optimal locality in linear space via two-dimensional balanced allocations. In ACM Symposium on Theory of Computing (STOC ‘16), STOC ‘16, pages 1101–1114, New York, NY, USA, 2016. ACM.

[2] Adam J. Aviv, Seung Geol Choi, Travis Mayberry, and Daniel S. Roche. Oblivisync: Practical oblivious file backup and synchronization. In Network and Distributed System Security Symposium (NDSS ‘16), 2016.

[3] Wei Bai, Ciara Lynton, Michelle L. Mazurek, and Charalampos Papamanthou. Understanding user tradeoffs for search in encrypted communication. EuroSP, 2018.

[4] E.-O. Blass, T. Mayberry, G. Noubir, and K. Onarlioglu. Toward robust hidden volumes using write-only oblivious RAM. In ACM Conference on Computer and Communications Security (CCS ‘14), pages 203–214, 2014.

[5] R. Bost. Sophos - forward secure searchable encryption. In ACM Conference on Computer and Communications Security (CCS ‘16), 20016.

[6] R. Bost, B. Minaud, and O. Ohrimenko. Forward and backward private searchable encryption from constrained cryptographic primitives. In ACM Conference on Computer and Communications Security (CCS ‘17), 2017.

[7] D. Cash, P. Grubbs, J. Perry, and T. Ristenpart. Leakage-abuse attacks against searchable encryption. In ACM Conference on Communications and Computer Security (CCS ‘15), pages 668–679. ACM, 2015.

[8] D. Cash, S. Jarecki, C. Jutla, H. Krawczyk, M. Rosu, and M. Steiner. Highly-scalable searchable symmetric encryption with support for boolean queries. In Advances in Cryptology - CRYPTO ‘13. Springer, 2013.

[9] D. Cash and S. Tessaro. The locality of searchable symmetric encryption. In Advances in Cryptology - EUROCRYPT 2014, 2014.

[10] David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel Rosu, and Michael Steiner. Dynamic searchable encryption in very-large databases: Data structures and implementation. In Network and Distributed System Security Symposium (NDSS ‘14), 2014.

[11] Bouncy Castle. Crypto API. In

[12] M. Chase and S. Kamara. Structured encryption and controlled disclosure. In Advances in Cryptology - ASIACRYPT ‘10, volume 6477 of Lecture Notes in Computer Science, pages 577–594. Springer, 2010.

[13] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. Searchable symmetric encryption: Improved definitions and efficient constructions. In ACM Conference on Computer and Communications Security (CCS ‘06), pages 79–88. ACM, 2006.

[14] Al Danial. Cloc. In

[15] I. Demertzis and C. Papamanthou. Fast searchable encryption with tunable locality. In ACM International Conference on Management of Data (SIGMOD ‘17), SIGMOD ‘17, pages 1053–1067, New York, NY, USA, 2017. ACM.

[16] Mohammad Etemad, Alptekin Küpçü, Charalampos Papa-manthou, and David Evans. Efficient dynamic searchable encryption with forward privacy. PoPETs ‘18, Issue 1, 2018.

[17] B. A Fisch, B. Vo, F. Krell, A. Kumarasubramanian, V. Kolesnikov, T. Malkin, and S. M. Bellovin. Malicious-client security in blind seer: a scalable private dbms. In IEEE Symposium on Security and Privacy, pages 395–410. IEEE, 2015.

[18] S. Garg, P. Mohassel, and C. Papamanthou. TWORAM: efficient oblivious RAM in two rounds with applications to searchable encryption. In Advances in Cryptology -CRYPTO 2016, pages 563–592, 2016.

[19] O. Goldreich, S. Goldwasser, and S. Micali. How to construct random functions. In IEEE Symposium on the Foundations of Computer Science (FOCS ‘84), pages 464–479. IEEE Computer Society, 1984.

[20] P. Grubbs, T. Ristenpart, and V. Shmatikov. Why your encrypted database is not secure. In Workshop on Hot Topics in Operating Systems (HotOS ‘17), pages 162–168, New York, NY, USA, 2017. ACM.

[21] F. Hahn and F. Kerschbaum. Searchable encryption with secure and efficient updates. In ACM Conference on Computer and Communications Security (CCS ‘14), CCS ‘14, pages 310–320, New York, NY, USA, 2014. ACM.

[22] M. Saiful Islam, M. Kuzu, and M. Kantarcioglu. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Network and Distributed System Security Symposium (NDSS ‘12), 2012.

[23] S. Kamara and T. Moataz. Boolean searchable symmetric encryption with worst-case sub-linear complexity. In Advances in Cryptology - EUROCRYPT ‘17, 2017.

[24] S. Kamara and C. Papamanthou. Parallel and dynamic searchable symmetric encryption. In Financial Cryptography and Data Security (FC ‘13), 2013.

[25] Seny Kamara and Tarik Moataz. SQL on structurally-encrypted databases. IACR Cryptology ePrint Archive, 2016:453, 2016.

[26] J. Katz and Y. Lindell. Introduction to Modern Cryptography. Chapman & Hall/CRC, 2008.

[27] Florian Kerschbaum and Anselme Tueno. An efficiently searchable encrypted data structure for range queries. CoRR, abs/1709.09314, 2017.

[28] K. Kurosawa and Y. Ohtaki. How to update documents verifiably in searchable symmetric encryption. In International Conference on Cryptology and Network Security (CANS ‘13), pages 309–328, 2013.

[29] Russell W. F. Lai and Sherman S. M. Chow. Forward-secure searchable encryption on labeled bipartite graphs. In Applied Cryptography and Network Security - 15th International Conference, ACNS 2017, Kanazawa, Japan, July 10-12, 2017, Proceedings, pages 478–497, 2017.

[30] K. Lewi and D. Wu. Order-revealing encryption: New constructions, applications, and lower bounds. In ACM Conference on Computer and Communications Security (CCS ‘16), 2016.

[31] Lucene. Parser. In

[32] X. Meng, S. Kamara, K. Nissim, and G. Kollios. Grecs: Graph encryption for approximate shortest distance queries. In ACM Conference on Computer and Communications Security (CCS 15), 2015.

[33] I. Miers and P. Mohassel. Io-dsse: Scaling dynamic searchable encryption to millions of indexes by improving locality. Cryptology ePrint Archive, Report 2016/830, 2016.

[35] M. Naor and V. Teague. Anti-presistence: history independent data structures. In STOC ‘01: Proceedings of the thirty-third annual ACM symposium on Theory of computing, pages 492–501, New York, NY, USA, 2001. ACM.

[36] M. Naveed, M. Prabhakaran, and C. Gunter. Dynamic searchable encryption via blind storage. In IEEE Symposium on Security and Privacy (S&P ‘14), 2014.

[37] V. Pappas, F. Krell, B. Vo, V. Kolesnikov, T. Malkin, S.-G. Choi, W. George, A. Keromytis, and S. Bellovin. Blind seer: A scalable private dbms. In Security and Privacy (SP), 2014 IEEE Symposium on, pages 359–374. IEEE, 2014.

[38] E. Stefanov, C. Papamanthou, and E. Shi. Practical dynamic searchable encryption with small leakage. In Network and Distributed System Security Symposium (NDSS ‘14), 2014.

[39] Y. Zhang, J. Katz, and C. Papamanthou. All your queries are belong to us: The power of file-injection attacks on searchable encryption. In USENIX Security Symposium, 2016.

Journal Information


All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 974 974 37
PDF Downloads 38 38 26