Search Pattern Leakage in Searchable Encryption: Attacks and New Construction
Searching on remote encrypted data (commonly known as searchable encryption) has become an important issue in secure data outsourcing, since it allows users to outsource encrypted data to an untrusted third party while maintains the capability of keyword search on the data.Searchable encryption can be achieved using the classical method called oblivious RAM, but the resultant schemes are too inefficient to be applied in the real-world scenarios (e.g., cloud computing).Recently, a number of efficient searchable encryption schemes have been proposed under weaker security guarantees.Such schemes, however, still leak statistical information about the users search pattern.In this paper, we first present two concrete attack methods to show that the search pattern leakage will result in such a situation: an adversary who has some auxiliary knowledge can uncover the underlying keywords of user queries.To address this issue, we then develop a grouping-based construction (GBC) to transform an existing searchable encryption scheme to a new scheme hiding the search pattern.Finally, experiments based on the real-world dataset demonstrate the effectiveness of our attack methods and the feasibility of our construction.
search pattern searchable encryption cloud computing fake query grouping-based construction
Chang Liu Liehuang Zhu Mingzhong Wang Yu-an Tan
Beijing Engineering Research Center of Massive Language Information Processing and Cloud Computing Application, School of Computer Science and Technology,Beijing Institute of Technology, Beijing 100081, China
国际会议
昆明
英文
459-474
2014-05-01(万方平台首次上网日期,不代表论文的发表时间)