VAL: Volume and Access Pattern Leakage-Abuse Attack with Leaked Documents

Steven Lambregts, Huanhuan Chen, Jianting Ning*, Kaitai Liang

*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)
59 Downloads (Pure)

Abstract

Searchable Encryption schemes provide secure search over encrypted databases while allowing admitted information leakages. Generally, the leakages can be categorized into access and volume pattern. In most existing SE schemes, these leakages are caused by practical designs but are considered an acceptable price to achieve high search efficiency. Recent attacks have shown that such leakages could be easily exploited to retrieve the underlying keywords for search queries. Under the umbrella of attacking SE, we design a new Volume and Access Pattern Leakage-Abuse Attack (VAL-Attack) that improves the matching technique of LEAP (CCS ’21) and exploits both the access and volume patterns. Our proposed attack only leverages leaked documents and the keywords present in those documents as auxiliary knowledge and can effectively retrieve document and keyword matches from leaked data. Furthermore, the recovery performs without false positives. We further compare VAL-Attack with two recent well-defined attacks on several real-world datasets to highlight the effectiveness of our attack and present the performance under popular countermeasures.

Original languageEnglish
Title of host publicationComputer Security – ESORICS 2022 - 27th European Symposium on Research in Computer Security, Proceedings
EditorsVijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng
Place of PublicationCham
PublisherSpringer
Pages653-676
Number of pages24
ISBN (Electronic)978-3-031-17140-6
ISBN (Print)978-3-031-17139-0
DOIs
Publication statusPublished - 2022
Event27th European Symposium on Research in Computer Security, ESORICS 2022 - Virtual, Online
Duration: 26 Sept 202230 Sept 2022

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer
Volume13554
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference27th European Symposium on Research in Computer Security, ESORICS 2022
CityVirtual, Online
Period26/09/2230/09/22

Bibliographical note

Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

  • Access pattern
  • Attack
  • Leakage
  • Searchable encryption
  • Volume pattern

Fingerprint

Dive into the research topics of 'VAL: Volume and Access Pattern Leakage-Abuse Attack with Leaked Documents'. Together they form a unique fingerprint.

Cite this