Obfuscated Access and Search Patterns in Searchable Encryption

Searchable Symmetric Encryption (SSE) allows a data owner to securely outsource its encrypted data to a cloud server while maintaining the ability to search over it and retrieve matched documents. Most existing SSE schemes leak which documents are accessed per query, i.e., the so-called access patte...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Shang, Zhiwei, Oya, Simon, Peter, Andreas, Kerschbaum, Florian
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Shang, Zhiwei
Oya, Simon
Peter, Andreas
Kerschbaum, Florian
description Searchable Symmetric Encryption (SSE) allows a data owner to securely outsource its encrypted data to a cloud server while maintaining the ability to search over it and retrieve matched documents. Most existing SSE schemes leak which documents are accessed per query, i.e., the so-called access pattern, and thus are vulnerable to attacks that can recover the database or the queried keywords. Current techniques that fully hide access patterns, such as ORAM or PIR, suffer from heavy communication or computational costs, and are not designed with search capabilities in mind. Recently, Chen et al. (INFOCOM'18) proposed an obfuscation framework for SSE that protects the access pattern in a differentially private way with a reasonable utility cost. However, this scheme leaks the so-called search pattern, i.e., how many times a certain query is performed. This leakage makes the proposal vulnerable to certain database and query recovery attacks. In this paper, we propose OSSE (Obfuscated SSE), an SSE scheme that obfuscates the access pattern independently for each query performed. This in turn hides the search pattern and makes our scheme resistant against attacks that rely on this leakage. Under certain reasonable assumptions, our scheme has smaller communication overhead than ORAM-based SSE. Furthermore, our scheme works in a single communication round and requires very small constant client-side storage. Our empirical evaluation shows that OSSE is highly effective at protecting against different query recovery attacks while keeping a reasonable utility level. Our protocol provides significantly more protection than the proposal by Chen et al.~against some state-of-the-art attacks, which demonstrates the importance of hiding search patterns in designing effective privacy-preserving SSE schemes.
doi_str_mv 10.48550/arxiv.2102.09651
format Article
fullrecord <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2102_09651</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2102_09651</sourcerecordid><originalsourceid>FETCH-LOGICAL-a671-d61d453afe4764112a1d254778ec6524c1906c04c05544010d581391aa2961c63</originalsourceid><addsrcrecordid>eNotz81qAjEUhuFsXBTtBXTV3MBMczLnZGY2goj9AUGh7ofjSQYHNEoyLfXuS62rD97FB49ST2BKbIjMC6ef4bu0YGxpWkfwoOabff-Vhcfg9UIk5Kw5ev0ZOMlBb3kcQ4pZD_GeeH8MehUlXS_jcI4zNen5mMPjfadq97raLd-L9ebtY7lYF-xqKLwDj1RxH7B2CGAZvCWs6yaII4sCrXFiUAwRogHjqYGqBWbbOhBXTdXz_-0N0F3ScOJ07f4g3Q1S_QLWUUEY</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Obfuscated Access and Search Patterns in Searchable Encryption</title><source>arXiv.org</source><creator>Shang, Zhiwei ; Oya, Simon ; Peter, Andreas ; Kerschbaum, Florian</creator><creatorcontrib>Shang, Zhiwei ; Oya, Simon ; Peter, Andreas ; Kerschbaum, Florian</creatorcontrib><description>Searchable Symmetric Encryption (SSE) allows a data owner to securely outsource its encrypted data to a cloud server while maintaining the ability to search over it and retrieve matched documents. Most existing SSE schemes leak which documents are accessed per query, i.e., the so-called access pattern, and thus are vulnerable to attacks that can recover the database or the queried keywords. Current techniques that fully hide access patterns, such as ORAM or PIR, suffer from heavy communication or computational costs, and are not designed with search capabilities in mind. Recently, Chen et al. (INFOCOM'18) proposed an obfuscation framework for SSE that protects the access pattern in a differentially private way with a reasonable utility cost. However, this scheme leaks the so-called search pattern, i.e., how many times a certain query is performed. This leakage makes the proposal vulnerable to certain database and query recovery attacks. In this paper, we propose OSSE (Obfuscated SSE), an SSE scheme that obfuscates the access pattern independently for each query performed. This in turn hides the search pattern and makes our scheme resistant against attacks that rely on this leakage. Under certain reasonable assumptions, our scheme has smaller communication overhead than ORAM-based SSE. Furthermore, our scheme works in a single communication round and requires very small constant client-side storage. Our empirical evaluation shows that OSSE is highly effective at protecting against different query recovery attacks while keeping a reasonable utility level. Our protocol provides significantly more protection than the proposal by Chen et al.~against some state-of-the-art attacks, which demonstrates the importance of hiding search patterns in designing effective privacy-preserving SSE schemes.</description><identifier>DOI: 10.48550/arxiv.2102.09651</identifier><language>eng</language><subject>Computer Science - Cryptography and Security</subject><creationdate>2021-02</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,777,882</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2102.09651$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2102.09651$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Shang, Zhiwei</creatorcontrib><creatorcontrib>Oya, Simon</creatorcontrib><creatorcontrib>Peter, Andreas</creatorcontrib><creatorcontrib>Kerschbaum, Florian</creatorcontrib><title>Obfuscated Access and Search Patterns in Searchable Encryption</title><description>Searchable Symmetric Encryption (SSE) allows a data owner to securely outsource its encrypted data to a cloud server while maintaining the ability to search over it and retrieve matched documents. Most existing SSE schemes leak which documents are accessed per query, i.e., the so-called access pattern, and thus are vulnerable to attacks that can recover the database or the queried keywords. Current techniques that fully hide access patterns, such as ORAM or PIR, suffer from heavy communication or computational costs, and are not designed with search capabilities in mind. Recently, Chen et al. (INFOCOM'18) proposed an obfuscation framework for SSE that protects the access pattern in a differentially private way with a reasonable utility cost. However, this scheme leaks the so-called search pattern, i.e., how many times a certain query is performed. This leakage makes the proposal vulnerable to certain database and query recovery attacks. In this paper, we propose OSSE (Obfuscated SSE), an SSE scheme that obfuscates the access pattern independently for each query performed. This in turn hides the search pattern and makes our scheme resistant against attacks that rely on this leakage. Under certain reasonable assumptions, our scheme has smaller communication overhead than ORAM-based SSE. Furthermore, our scheme works in a single communication round and requires very small constant client-side storage. Our empirical evaluation shows that OSSE is highly effective at protecting against different query recovery attacks while keeping a reasonable utility level. Our protocol provides significantly more protection than the proposal by Chen et al.~against some state-of-the-art attacks, which demonstrates the importance of hiding search patterns in designing effective privacy-preserving SSE schemes.</description><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotz81qAjEUhuFsXBTtBXTV3MBMczLnZGY2goj9AUGh7ofjSQYHNEoyLfXuS62rD97FB49ST2BKbIjMC6ef4bu0YGxpWkfwoOabff-Vhcfg9UIk5Kw5ev0ZOMlBb3kcQ4pZD_GeeH8MehUlXS_jcI4zNen5mMPjfadq97raLd-L9ebtY7lYF-xqKLwDj1RxH7B2CGAZvCWs6yaII4sCrXFiUAwRogHjqYGqBWbbOhBXTdXz_-0N0F3ScOJ07f4g3Q1S_QLWUUEY</recordid><startdate>20210218</startdate><enddate>20210218</enddate><creator>Shang, Zhiwei</creator><creator>Oya, Simon</creator><creator>Peter, Andreas</creator><creator>Kerschbaum, Florian</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20210218</creationdate><title>Obfuscated Access and Search Patterns in Searchable Encryption</title><author>Shang, Zhiwei ; Oya, Simon ; Peter, Andreas ; Kerschbaum, Florian</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a671-d61d453afe4764112a1d254778ec6524c1906c04c05544010d581391aa2961c63</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Shang, Zhiwei</creatorcontrib><creatorcontrib>Oya, Simon</creatorcontrib><creatorcontrib>Peter, Andreas</creatorcontrib><creatorcontrib>Kerschbaum, Florian</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Shang, Zhiwei</au><au>Oya, Simon</au><au>Peter, Andreas</au><au>Kerschbaum, Florian</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Obfuscated Access and Search Patterns in Searchable Encryption</atitle><date>2021-02-18</date><risdate>2021</risdate><abstract>Searchable Symmetric Encryption (SSE) allows a data owner to securely outsource its encrypted data to a cloud server while maintaining the ability to search over it and retrieve matched documents. Most existing SSE schemes leak which documents are accessed per query, i.e., the so-called access pattern, and thus are vulnerable to attacks that can recover the database or the queried keywords. Current techniques that fully hide access patterns, such as ORAM or PIR, suffer from heavy communication or computational costs, and are not designed with search capabilities in mind. Recently, Chen et al. (INFOCOM'18) proposed an obfuscation framework for SSE that protects the access pattern in a differentially private way with a reasonable utility cost. However, this scheme leaks the so-called search pattern, i.e., how many times a certain query is performed. This leakage makes the proposal vulnerable to certain database and query recovery attacks. In this paper, we propose OSSE (Obfuscated SSE), an SSE scheme that obfuscates the access pattern independently for each query performed. This in turn hides the search pattern and makes our scheme resistant against attacks that rely on this leakage. Under certain reasonable assumptions, our scheme has smaller communication overhead than ORAM-based SSE. Furthermore, our scheme works in a single communication round and requires very small constant client-side storage. Our empirical evaluation shows that OSSE is highly effective at protecting against different query recovery attacks while keeping a reasonable utility level. Our protocol provides significantly more protection than the proposal by Chen et al.~against some state-of-the-art attacks, which demonstrates the importance of hiding search patterns in designing effective privacy-preserving SSE schemes.</abstract><doi>10.48550/arxiv.2102.09651</doi><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier DOI: 10.48550/arxiv.2102.09651
ispartof
issn
language eng
recordid cdi_arxiv_primary_2102_09651
source arXiv.org
subjects Computer Science - Cryptography and Security
title Obfuscated Access and Search Patterns in Searchable Encryption
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T11%3A18%3A53IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Obfuscated%20Access%20and%20Search%20Patterns%20in%20Searchable%20Encryption&rft.au=Shang,%20Zhiwei&rft.date=2021-02-18&rft_id=info:doi/10.48550/arxiv.2102.09651&rft_dat=%3Carxiv_GOX%3E2102_09651%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true