Security-Efficiency Tradeoffs in Searchable Encryption

Open access

Abstract

Besides their security, the efficiency of searchable encryption schemes is a major criterion for their adoption: in order to replace an unencrypted database with a more secure construction, that construction must scale to the systems that rely on it. Unfortunately, the relationship between the efficiency and the security of searchable encryption has not been widely studied, and the minimum cost of some crucial security properties is still unclear.

In this paper, we present new lower bounds on the trade-offs between the size of the client state, the efficiency, and the security of searchable encryption schemes. These lower bounds target two kinds of schemes: schemes hiding the repetition of search queries, and forward-private dynamic schemes, in which updates are oblivious.

We also show that these lower bounds are tight, by either constructing schemes matching them, or by showing that even a small increase in the amount of leaked information allows for constructing schemes breaking the lower bounds.


