Published September 22, 2022 | Version v1
Conference paper Open

VAL: Volume and Access Pattern Leakage-abuse Attack with Leaked Documents

  • 1. Delft University of Technology
  • 2. Singapore Management University, Fujian Normal University

Description

Searchable Encryption schemes provide secure search over encrypted databases while allowing admitted information leakages. Generally, the leakages can be categorized into access and volume pattern. In most existing SE schemes, these leakages are caused by practical designs but are considered an acceptable price to achieve high search efficiency. Recent attacks have shown that such leakages could be easily exploited to retrieve the underlying keywords for search queries. Under the umbrella of attacking SE, we design a new Volume and Access Pattern Leakage-Abuse Attack (VAL-Attack) that improves the matching technique of LEAP (CCS ’21) and exploits both the access and volume patterns. Our proposed attack only leverages leaked documents and the keywords present in those documents as auxiliary knowledge and can effectively retrieve document and keyword matches from leaked data. Furthermore, the recovery performs without false positives. We further compare VAL-Attack with two recent well-defined attacks on several real-world datasets to highlight the effectiveness of our attack and present the performance under popular countermeasures.

Notes

https://doi.org/10.1007/978-3-031-17146-8_32

Files

VAL_attack.pdf

Files (1.9 MB)

Name Size Download all
md5:583bf694f4825bd8f06f0161ee7c7061
1.9 MB Preview Download

Additional details

Funding

ASSURED – Future Proofing of ICT Trust Chains: Sustainable Operational Assurance and Verification Remote Guards for Systems-of-Systems Security and Privacy 952697
European Commission