All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption Yupeng Zhang, Jonathan Katz, Charalampos Papamanthou University.

Presentation transcript:

All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption Yupeng Zhang, Jonathan Katz, Charalampos Papamanthou University of Maryland

What is Searchable Encryption? [Figure: client and server; search query: keyword]

An Example of Searchable Encryption [Figure: index over keywords k1, k2, k3 and files F1 to F6]

[Figure: the same index over keywords k1, k2, k3 and files F1 to F6; token for k1]

An Example of Searchable Encryption [Figure: the same index after a new file F7 is added]

Leakage of Searchable Encryption [Figure: the same index with file F7 and the token for k1; labels: deterministic! file access patterns! search k1 on new files!]

Leakage of Searchable Encryption Search pattern leakage. Access pattern leakage. Leaked by all efficient searchable encryption schemes. No Forward Privacy. All SE schemes except [CM05, SPS14] do not have forward privacy.

Goal of Our Work What semantic information does this leakage actually reveal? We explore a new class of attacks that is devastating for query privacy.

Attacks on Searchable Encryption Islam et al. (IKK12) proposed a query recovery attack. Cash et al. (CGPR15) proposed another attack with higher success probability. The server knows all or most of the client’s files in plaintext.

Attack Model: File-injection Attack First proposed in CGPR15, but not used for query recovery attacks. [Figure: client, server, search query for keyword k, files F1 to F6]

Binary Search Attack [Figure: keywords k0 to k7 shown for injected File 1, File 2 and File 3, with the search result] Only inject 14 files for a universe of 10,000 keywords. Inject before seeing the queries (non-adaptive). Can recover all queries with probability 1.

Threshold Countermeasure Limitation of the attack: long injected files (|K|/2 keywords each). Countermeasure: filter all files that contain more than T keywords. Enron data set: 30,109 files, universe of 5,000 keywords. Only 3% of files have more than T=200 keywords. Enron dataset. Accessed:
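The binary search attack and the threshold countermeasure from the two slides above, as an added simulation that is not code from the talk or the paper: it models only the access-pattern leakage on a constructed keyword universe, with all function names and the `kwNNNNN` keywords being assumptions made for this example.

```python
def build_injected_files(universe):
    """Injected file i holds every keyword whose index has bit i set,
    so ceil(log2 |K|) files cover the whole universe."""
    n_files = max(1, (len(universe) - 1).bit_length())
    return [{kw for idx, kw in enumerate(universe) if (idx >> i) & 1}
            for i in range(n_files)]


def observed_access_pattern(keyword, injected):
    """Model of the leakage: the server never sees the keyword, only
    which injected files the opaque search token matches."""
    return [keyword in f for f in injected]


def recover_keyword(pattern, universe):
    """Each matched injected file contributes one bit of the keyword index."""
    idx = sum(1 << i for i, hit in enumerate(pattern) if hit)
    return universe[idx]


def threshold_filter(files, T):
    """Countermeasure from the slides: reject files with more than T keywords."""
    return [f for f in files if len(f) <= T]


# Constructed universe of 10,000 placeholder keywords (not real data).
UNIVERSE = [f"kw{i:05d}" for i in range(10_000)]
INJECTED = build_injected_files(UNIVERSE)


def recovery_rate(universe, injected):
    """Fraction of keywords identified from the access pattern alone."""
    hits = sum(recover_keyword(observed_access_pattern(k, injected), universe) == k
               for k in universe)
    return hits / len(universe)


if __name__ == "__main__":
    print("injected files:", len(INJECTED))
    print("smallest injected file:", min(len(f) for f in INJECTED), "keywords")
    print("recovery rate:", recovery_rate(UNIVERSE, INJECTED))
    print("files surviving T=200:", len(threshold_filter(INJECTED, 200)))
```

Every injected file here holds far more than 200 keywords, so the T=200 filter rejects all of them; that is the limitation the threshold countermeasure relies on.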

Modifying the Attack |K|/2T files of T keywords each to replace 1 file with |K|/2 keywords. Inject 131 files for |K|=5,000 and T=200. [Figure: keywords k0 to k7; File 1 replaced by File 1 and File 2]

Attacks with Partial File Leakage The server learns a portion of the client’s files in plaintext. (Announcement and alert emails broadcast to many people)

Attacks with Partial File Leakage Adaptive, applies to SE schemes with no forward privacy. The server does not always succeed, but can determine whether the attack fails. [Figure: keywords k1 to k5 with estimated frequencies f*(k1) to f*(k5); token t with exact frequency f(t); candidate universe: f*(k) ≈ f(t); binary search attack]

Attacks with Partial File Leakage Refer to our paper for an attack to recover multiple tokens

Experimental Methodology Enron data set with 30,109 emails. Stem words in the emails (remove -able, -ing etc.). Remove stop words (“to”, “you” etc.). Extract keywords (in total 77,000). Choose top 5,000 with highest frequency as the universe.

Experimental Results: Recover 1 Query U = 5,000, T = 200, number of injected files = 9

Experimental Results: Recover 100 Queries U = 5,000, T = 200, number of injected files <= 40

Extensions to Conjunctive SE Search files with keywords k1, k2, …, kd. Ideal leakage: only leak the intersection of their search results. (No existing scheme achieves ideal leakage.)

Extensions to Conjunctive SE

Two other attacks, refer to our paper for more details.

Discussions on Potential Countermeasures Semantic filter. Search result padding. File ID shuffling and file length padding. Batched updates. Does not work! Partially works for static SE. Partially works.

Conclusions File-injection attacks are devastating for query privacy in SE. Is it a satisfactory tradeoff between efficiency and leakage for existing SE? Future research: reduce or eliminate access pattern leakage; exploring new directions such as interactive protocol or multi-server. Forward Privacy