Paper 2022/947

Volume and Access Pattern Leakage-abuse Attack with Leaked Documents

Steven Lambregts, Delft University of Technology
Huanhuan Chen, Delft University of Technology
Jianting Ning, Singapore Management University, Fujian Normal University
Kaitai Liang, Delft University of Technology
Abstract

Searchable Encryption schemes provide secure search over encrypted databases while allowing admitted information leakages. Generally, the leakages can be categorized into access and volume pattern. In most existing SE schemes, these leakages are caused by practical designs but are considered an acceptable price to achieve high search efficiency. Recent attacks have shown that such leakages could be easily exploited to retrieve the underlying keywords for search queries. Under the umbrella of attacking SE, we design a new Volume and Access Pattern Leakage-Abuse Attack (VAL-Attack) that improves the matching technique of LEAP (CCS ’21) and exploits both the access and volume patterns. Our proposed attack only leverages leaked documents and the keywords present in those documents as auxiliary knowledge and can effectively retrieve document and keyword matches from leaked data. Furthermore, the recovery performs without false positives. We further compare VAL-Attack with two recent well-defined attacks on several real-world datasets to highlight the effectiveness of our attack and present the performance under popular countermeasures.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Searchable Encryption Access pattern Volume pattern Leakage Attack
Contact author(s)
s f lambregts @ student tudelft nl
h chen-2 @ tudelft nl
jtning88 @ gmail com
kaitai liang @ tudelft nl
History
2022-07-23: approved
2022-07-22: received
See all versions
Short URL
https://ia.cr/2022/947
License
Creative Commons Attribution-NonCommercial-ShareAlike
CC BY-NC-SA

BibTeX 

@misc{cryptoeprint:2022/947,
      author = {Steven Lambregts and Huanhuan Chen and Jianting Ning and Kaitai Liang},
      title = {Volume and Access Pattern Leakage-abuse Attack with Leaked Documents},
      howpublished = {Cryptology ePrint Archive, Paper 2022/947},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/947}},
      url = {https://eprint.iacr.org/2022/947}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.