A Leakage-Abuse Attack Against Multi-User Searchable Encryption

Open access


Searchable Encryption (SE) allows a user to upload data to the cloud and to search it in a remote fashion while preserving the privacy of both the data and the queries. Recent research results describe attacks on SE schemes using the access pattern, denoting the ids of documents matching search queries, which most SE schemes reveal during query processing. However SE schemes usually leak more than just the access pattern, and this extra leakage can lead to attacks (much) more harmful than the ones using basic access pattern leakage only. We remark that in the special case of Multi-User Searchable Encryption (MUSE), where many users upload and search data in a cloud-based infrastructure, a large number of existing solutions have a common leakage in addition to the well-studied access pattern leakage. We show that this seemingly small extra leakage allows a very simple yet powerful attack, and that the privacy degree of the affected schemes have been overestimated. We also show that this new vulnerability affects existing software. Finally we formalize the newly identified leakage profile and show how it relates to previously defined ones.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] Enron email dataset. http://www.cs.cmu.edu/~enron/ Accessed on May 2016.

  • [2] Source code to reproduce our experiments. http://www.eurecom.fr/~vanrompa/iterative-testing/

  • [3] M. R. Asghar G. Russello B. Crispo and M. Ion. Supporting complex queries and access policies for multi-user encrypted databases. In CCSW’13 Proceedings of the 2013 ACM Cloud Computing Security Workshop Co-located with CCS 2013 Berlin Germany November 4 2013 pages 77–88 2013.

  • [4] F. Bao R. H. Deng X. Ding and Y. Yang. Private Query on Encrypted Data in Multi-user Settings. In Information Security Practice and Experience 4th International Conference ISPEC 2008 Sydney Australia April 21-23 2008 Proceedings pages 71–85 2008.

  • [5] C. Bösch P. Hartel W. Jonker and A. Peter. A Survey of Provably Secure Searchable Encryption. ACM Computing Surveys 47(2):1–51 Aug. 2014.

  • [6] D. Cash P. Grubbs J. Perry and T. Ristenpart. Leakage-Abuse Attacks Against Searchable Encryption. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security Denver CO USA October 12-6 2015 pages 668–679 2015.

  • [7] D. Cash J. Jaeger S. Jarecki C. Jutla H. Krawczyk M.-C. Rosu and M. Steiner. Dynamic searchable encryption in very large databases: Data structures and implementation. In Proc. of NDSS volume 14 2014.

  • [8] D. Cash S. Jarecki C. Jutla H. Krawczyk M.-C. Rosu and M. Steiner. Highly-scalable searchable symmetric encryption with support for boolean queries. In Advances in Cryptology–CRYPTO 2013 pages 353–373. Springer 2013.

  • [9] R. Curtmola J. Garay S. Kamara and R. Ostrovsky. Searchable symmetric encryption: Improved definitions and efficient constructions. Journal of Computer Security 19(5):895–934 2011.

  • [10] D. Derler C. Hanser and D. Slamanig. Revisiting Cryptographic Accumulators Additional Properties and Relations to Other Primitives. In Topics in Cryptology - CT-RSA 2015 The Cryptographer’s Track at the RSA Conference 2015 San Francisco CA USA April 20-24 2015. Proceedings pages 127–144 2015.

  • [11] C. Dong G. Russello and N. Dulay. Shared and Searchable Encrypted Data for Untrusted Servers. In Data and Applications Security XXII 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security London UK July 13-16 2008 Proceedings pages 127–143 2008.

  • [12] P. Grubbs R. McPherson M. Naveed T. Ristenpart and V. Shmatikov. Breaking Web Applications Built On Top of Encrypted Data. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Vienna Austria October 24-28 2016 pages 1353–1364 2016.

  • [13] F. Hahn and F. Kerschbaum. Searchable Encryption with Secure and Efficient Updates. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security Scottsdale AZ USA November 3-7 2014 pages 310–320 2014.

  • [14] Y. H. Hwang and P. J. Lee. Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multiuser System. In Pairing-Based Cryptography - Pairing 2007 First International Conference Tokyo Japan July 2-4 2007 Proceedings pages 2–22 2007.

  • [15] M. Islam M. Kuzu and M. Kantarcioglu. Access pattern disclosure on searchable encryption: Ramification attack and mitigation. Network and Distributed System Security Symposium (NDSS’12) 2012.

  • [16] S. Jarecki C. Jutla H. Krawczyk M. Rosu and M. Steiner. Outsourced symmetric private information retrieval. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security pages 875–888. ACM 2013.

  • [17] S. Kamara and C. Papamanthou. Parallel and Dynamic Searchable Symmetric Encryption. In Financial Cryptography and Data Security - 17th International Conference FC 2013 Okinawa Japan April 1-5 2013 Revised Selected Papers pages 258–274 2013.

  • [18] N. Karapanos A. Filios R. A. Popa and S. Capkun. Verena: End-to-end integrity protection for web applications. To appear in 37th IEEE Symposium on Security and Privacy SP 2016 San Jose CA USA May 23-25 2016.

  • [19] C. Lan J. Sherry R. A. Popa and S. Ratnasamy. Embark: Securely outsourcing middleboxes to the cloud. To appear in 13th USENIX Symposium on Networked Systems Design and Implementation NSDI 16 Santa Clara CA USA March 16-18 2016.

  • [20] A. Levy H. Corrigan-Gibbs and D. Boneh. Stickler: Defending Against Malicious CDNs in an Unmodified Browser. 2015.

  • [21] C. Liu L. Zhu M. Wang and Y.-a. Tan. Search pattern leakage in searchable encryption: Attacks and new construction. Inf. Sci. 265:176–188 2014.

  • [22] M. Naveed S. Kamara and C. V. Wright. Inference Attacks on Property-Preserving Encrypted Databases. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security Denver CO USA October 12-6 2015 pages 644–655 2015.

  • [23] V. Pappas F. Krell B. Vo V. Kolesnikov T. Malkin S. G. Choi W. George A. Keromytis and S. Bellovin. Blind Seer: A Scalable Private DBMS. In Proceedings of the 2014 IEEE Symposium on Security and Privacy SP ’14 pages 359–374 Washington DC USA 2014. IEEE Computer Society.

  • [24] R. A. Popa E. Stark S. Valdez J. Helfer N. Zeldovich and H. Balakrishnan. Building Web Applications on Top of Encrypted Data Using Mylar. In Proceedings of the 11th USENIX Symposium on Networked Systems Design and Implementation NSDI 2014 Seattle WA USA April 2-4 2014 pages 157–172 2014.

  • [25] R. A. Popa and N. Zeldovich. Multi-Key Searchable Encryption. IACR Cryptology ePrint Archive 2013:508 2013.

  • [26] M. F. Porter. An algorithm for suffix stripping. Program 14(3):130–137 1980.

  • [27] C. V. Rompay R. Molva and M. Önen. Multi-user Searchable Encryption in the Cloud. In Information Security - 18th International Conference ISC 2015 Trondheim Norway September 9-11 2015 Proceedings pages 299–316 2015.

  • [28] F. Schuster M. Costa C. Fournet C. Gkantsidis M. Peinado G. Mainar-Ruiz and M. Russinovich. VC3: Trustworthy Data Analytics in the Cloud Using SGX. In 2015 IEEE Symposium on Security and Privacy SP 2015 San Jose CA USA May 17-21 2015 pages 38–54 2015.

  • [29] D. X. Song D. Wagner and A. Perrig. Practical techniques for searches on encrypted data. In Security and Privacy 2000. S P 2000. Proceedings. 2000 IEEE Symposium on pages 44–55 2000.

  • [30] P. Wang H. Wang and J. Pieprzyk. Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data. In Secure Data Management 4th VLDB Workshop SDM 2007 Vienna Austria September 23-24 2007 Proceedings pages 108–123 2007.

  • [31] Y. Yang H. Lu and J. Weng. Multi-User Private Keyword Search for Cloud Computing. pages 264–271. IEEE Nov. 2011.

  • [32] Y. Zhang J. Katz and C. Papamanthou. All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption. In 25th USENIX Security Symposium (USENIX Security 16) pages 707–720 Austin TX Aug. 2016. USENIX Association.

  • [33] F. Zhao T. Nishide and K. Sakurai. Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control. In Information Security and Cryptology - ICISC 2011 - 14th International Conference Seoul Korea November 30 - December 2 2011. Revised Selected Papers pages 406–418 2011.

Journal information
Cited By
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 353 190 9
PDF Downloads 206 110 2