Breach-Resistant Structured Encryption

Open access


Motivated by the problem of data breaches, we formalize a notion of security for dynamic structured encryption (STE) schemes that guarantees security against a snapshot adversary; that is, an adversary that receives a copy of the encrypted structure at various times but does not see the transcripts related to any queries. In particular, we focus on the construction of dynamic encrypted multi-maps which are used to build efficient searchable symmetric encryption schemes, graph encryption schemes and encrypted relational databases. Interestingly, we show that a form of snapshot security we refer to as breach resistance implies previously-studied notions such as a (weaker version) of history independence and write-only obliviousness. Moreover, we initiate the study of dual-secure dynamic STE constructions: schemes that are forward-private against a persistent adversary and breach-resistant against a snapshot adversary. The notion of forward privacy guarantees that updates to the encrypted structure do not reveal their association to any query made in the past. As a concrete instantiation, we propose a new dual-secure dynamic multi-map encryption scheme that outperforms all existing constructions; including schemes that are not dual-secure. Our construction has query complexity that grows with the selectivity of the query and the number of deletes since the client executed a linear-time rebuild protocol which can be de-amortized. We implemented our scheme (with the de-amortized rebuild protocol) and evaluated its concrete efficiency empirically. Our experiments show that it is highly efficient with queries taking less than 1 microsecond per label/value pair.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] G. Asharov M. Naor G. Segev and I. Shahaf. Searchable symmetric encryption: Optimal locality in linear space via two-dimensional balanced allocations. In ACM Symposium on Theory of Computing (STOC ‘16) STOC ‘16 pages 1101–1114 New York NY USA 2016. ACM.

  • [2] Adam J. Aviv Seung Geol Choi Travis Mayberry and Daniel S. Roche. Oblivisync: Practical oblivious file backup and synchronization. In Network and Distributed System Security Symposium (NDSS ‘16) 2016.

  • [3] Wei Bai Ciara Lynton Michelle L. Mazurek and Charalampos Papamanthou. Understanding user tradeoffs for search in encrypted communication. EuroSP 2018.

  • [4] E.-O. Blass T. Mayberry G. Noubir and K. Onarlioglu. Toward robust hidden volumes using write-only oblivious RAM. In ACM Conference on Computer and Communications Security (CCS ‘14) pages 203–214 2014.

  • [5] R. Bost. Sophos - forward secure searchable encryption. In ACM Conference on Computer and Communications Security (CCS ‘16) 20016.

  • [6] R. Bost B. Minaud and O. Ohrimenko. Forward and backward private searchable encryption from constrained cryptographic primitives. In ACM Conference on Computer and Communications Security (CCS ‘17) 2017.

  • [7] D. Cash P. Grubbs J. Perry and T. Ristenpart. Leakage-abuse attacks against searchable encryption. In ACM Conference on Communications and Computer Security (CCS ‘15) pages 668–679. ACM 2015.

  • [8] D. Cash S. Jarecki C. Jutla H. Krawczyk M. Rosu and M. Steiner. Highly-scalable searchable symmetric encryption with support for boolean queries. In Advances in Cryptology - CRYPTO ‘13. Springer 2013.

  • [9] D. Cash and S. Tessaro. The locality of searchable symmetric encryption. In Advances in Cryptology - EUROCRYPT 2014 2014.

  • [10] David Cash Joseph Jaeger Stanislaw Jarecki Charanjit Jutla Hugo Krawczyk Marcel Rosu and Michael Steiner. Dynamic searchable encryption in very-large databases: Data structures and implementation. In Network and Distributed System Security Symposium (NDSS ‘14) 2014.

  • [11] Bouncy Castle. Crypto API. In

  • [12] M. Chase and S. Kamara. Structured encryption and controlled disclosure. In Advances in Cryptology - ASIACRYPT ‘10 volume 6477 of Lecture Notes in Computer Science pages 577–594. Springer 2010.

  • [13] R. Curtmola J. Garay S. Kamara and R. Ostrovsky. Searchable symmetric encryption: Improved definitions and efficient constructions. In ACM Conference on Computer and Communications Security (CCS ‘06) pages 79–88. ACM 2006.

  • [14] Al Danial. Cloc. In

  • [15] I. Demertzis and C. Papamanthou. Fast searchable encryption with tunable locality. In ACM International Conference on Management of Data (SIGMOD ‘17) SIGMOD ‘17 pages 1053–1067 New York NY USA 2017. ACM.

  • [16] Mohammad Etemad Alptekin Küpçü Charalampos Papa-manthou and David Evans. Efficient dynamic searchable encryption with forward privacy. PoPETs ‘18 Issue 1 2018.

  • [17] B. A Fisch B. Vo F. Krell A. Kumarasubramanian V. Kolesnikov T. Malkin and S. M. Bellovin. Malicious-client security in blind seer: a scalable private dbms. In IEEE Symposium on Security and Privacy pages 395–410. IEEE 2015.

  • [18] S. Garg P. Mohassel and C. Papamanthou. TWORAM: efficient oblivious RAM in two rounds with applications to searchable encryption. In Advances in Cryptology -CRYPTO 2016 pages 563–592 2016.

  • [19] O. Goldreich S. Goldwasser and S. Micali. How to construct random functions. In IEEE Symposium on the Foundations of Computer Science (FOCS ‘84) pages 464–479. IEEE Computer Society 1984.

  • [20] P. Grubbs T. Ristenpart and V. Shmatikov. Why your encrypted database is not secure. In Workshop on Hot Topics in Operating Systems (HotOS ‘17) pages 162–168 New York NY USA 2017. ACM.

  • [21] F. Hahn and F. Kerschbaum. Searchable encryption with secure and efficient updates. In ACM Conference on Computer and Communications Security (CCS ‘14) CCS ‘14 pages 310–320 New York NY USA 2014. ACM.

  • [22] M. Saiful Islam M. Kuzu and M. Kantarcioglu. Access pattern disclosure on searchable encryption: Ramification attack and mitigation. In Network and Distributed System Security Symposium (NDSS ‘12) 2012.

  • [23] S. Kamara and T. Moataz. Boolean searchable symmetric encryption with worst-case sub-linear complexity. In Advances in Cryptology - EUROCRYPT ‘17 2017.

  • [24] S. Kamara and C. Papamanthou. Parallel and dynamic searchable symmetric encryption. In Financial Cryptography and Data Security (FC ‘13) 2013.

  • [25] Seny Kamara and Tarik Moataz. SQL on structurally-encrypted databases. IACR Cryptology ePrint Archive 2016:453 2016.

  • [26] J. Katz and Y. Lindell. Introduction to Modern Cryptography. Chapman & Hall/CRC 2008.

  • [27] Florian Kerschbaum and Anselme Tueno. An efficiently searchable encrypted data structure for range queries. CoRR abs/1709.09314 2017.

  • [28] K. Kurosawa and Y. Ohtaki. How to update documents verifiably in searchable symmetric encryption. In International Conference on Cryptology and Network Security (CANS ‘13) pages 309–328 2013.

  • [29] Russell W. F. Lai and Sherman S. M. Chow. Forward-secure searchable encryption on labeled bipartite graphs. In Applied Cryptography and Network Security - 15th International Conference ACNS 2017 Kanazawa Japan July 10-12 2017 Proceedings pages 478–497 2017.

  • [30] K. Lewi and D. Wu. Order-revealing encryption: New constructions applications and lower bounds. In ACM Conference on Computer and Communications Security (CCS ‘16) 2016.

  • [31] Lucene. Parser. In

  • [32] X. Meng S. Kamara K. Nissim and G. Kollios. Grecs: Graph encryption for approximate shortest distance queries. In ACM Conference on Computer and Communications Security (CCS 15) 2015.

  • [33] I. Miers and P. Mohassel. Io-dsse: Scaling dynamic searchable encryption to millions of indexes by improving locality. Cryptology ePrint Archive Report 2016/830 2016.

  • [34] T. Moataz. Clusion.

  • [35] M. Naor and V. Teague. Anti-presistence: history independent data structures. In STOC ‘01: Proceedings of the thirty-third annual ACM symposium on Theory of computing pages 492–501 New York NY USA 2001. ACM.

  • [36] M. Naveed M. Prabhakaran and C. Gunter. Dynamic searchable encryption via blind storage. In IEEE Symposium on Security and Privacy (S&P ‘14) 2014.

  • [37] V. Pappas F. Krell B. Vo V. Kolesnikov T. Malkin S.-G. Choi W. George A. Keromytis and S. Bellovin. Blind seer: A scalable private dbms. In Security and Privacy (SP) 2014 IEEE Symposium on pages 359–374. IEEE 2014.

  • [38] E. Stefanov C. Papamanthou and E. Shi. Practical dynamic searchable encryption with small leakage. In Network and Distributed System Security Symposium (NDSS ‘14) 2014.

  • [39] Y. Zhang J. Katz and C. Papamanthou. All your queries are belong to us: The power of file-injection attacks on searchable encryption. In USENIX Security Symposium 2016.

Journal information
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 1299 282 13
PDF Downloads 284 213 15