Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model

Encrypted multi-maps (EMMs) enable clients to outsource the storage of a multi-map to a potentially untrusted server while maintaining the ability to perform operations in a privacy-preserving manner. EMMs are an important primitive as they are an integral building block for many practical applications such as searchable encryption and encrypted databases. In this work, we formally examine the tradeoffs between privacy and efficiency for EMMs.

[1]  Andrew Chi-Chih Yao,et al.  Should Tables Be Sorted? , 1981, JACM.

[2]  Michael E. Saks,et al.  The cell probe complexity of dynamic data structures , 1989, STOC '89.

[3]  Rafail Ostrovsky,et al.  Efficient computation on oblivious RAMs , 1990, STOC '90.

[4]  Friedhelm Meyer auf der Heide,et al.  Dynamic Perfect Hashing: Upper and Lower Bounds , 1994, SIAM J. Comput..

[5]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[6]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[7]  Rasmus Pagh,et al.  Lossy Dictionaries , 2001, ESA.

[8]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[9]  Erik D. Demaine,et al.  Logarithmic Lower Bounds in the Cell-Probe Model , 2005, SIAM J. Comput..

[10]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[11]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[12]  Melissa Chase,et al.  Structured Encryption and Controlled Disclosure , 2010, IACR Cryptol. ePrint Arch..

[13]  Rasmus Pagh,et al.  Hashing, randomness and dictionaries , 2010 .

[14]  Dan Boneh,et al.  Remote Oblivious Storage: Making Oblivious RAM Practical , 2011 .

[15]  Nathan Chenette,et al.  Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions , 2011, CRYPTO.

[16]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[17]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[18]  Michael T. Goodrich,et al.  Practical oblivious storage , 2012, CODASPY '12.

[19]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[20]  Kasper Green Larsen The cell probe complexity of dynamic range counting , 2011, STOC '12.

[21]  Murat Kantarcioglu,et al.  Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation , 2012, NDSS.

[22]  Nathan Chenette,et al.  Order-Preserving Symmetric Encryption , 2009, IACR Cryptol. ePrint Arch..

[23]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[24]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[25]  David Cash,et al.  The Locality of Searchable Symmetric Encryption , 2014, IACR Cryptol. ePrint Arch..

[26]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[27]  Tal Malkin,et al.  Malicious-Client Security in Blind Seer: A Scalable Private DBMS , 2015, 2015 IEEE Symposium on Security and Privacy.

[28]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[29]  Sanjam Garg,et al.  TWORAM: Round-Optimal Oblivious RAM with Applications to Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[30]  Mark Zhandry,et al.  Semantically Secure Order-Revealing Encryption: Multi-input Functional Encryption Without Obfuscation , 2015, EUROCRYPT.

[31]  Raphael Bost,et al.  Sophos - Forward Secure Searchable Encryption , 2016, IACR Cryptol. ePrint Arch..

[32]  Seny Kamara,et al.  SQL on Structurally-Encrypted Databases , 2018, IACR Cryptol. ePrint Arch..

[33]  Sanjam Garg,et al.  TWORAM: Efficient Oblivious RAM in Two Rounds with Applications to Searchable Encryption , 2016, CRYPTO.

[34]  Adam O'Neill,et al.  Generic Attacks on Secure Outsourced Databases , 2016, CCS.

[35]  Jonathan Katz,et al.  All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption , 2016, USENIX Security Symposium.

[36]  Raphael Bost,et al.  ∑oφoς: Forward Secure Searchable Encryption , 2016, CCS.

[37]  David J. Wu,et al.  Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds , 2016, IACR Cryptol. ePrint Arch..

[38]  Moni Naor,et al.  Searchable symmetric encryption: optimal locality in linear space via two-dimensional balanced allocations , 2016, STOC.

[39]  David Cash,et al.  Leakage-Abuse Attacks Against Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[40]  Charles V. Wright,et al.  The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption , 2016, CCS.

[41]  Moni Naor,et al.  Is There an Oblivious RAM Lower Bound? , 2016, ITCS.

[42]  Ioannis Demertzis,et al.  Fast Searchable Encryption With Tunable Locality , 2017, SIGMOD Conference.

[43]  Brice Minaud,et al.  Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives , 2017, CCS.

[44]  Sarvar Patel,et al.  Symmetric Searchable Encryption with Sharing and Unsharing , 2018, IACR Cryptol. ePrint Arch..

[45]  Seny Kamara,et al.  Boolean Searchable Symmetric Encryption with Worst-Case Sub-linear Complexity , 2017, EUROCRYPT.

[46]  Ioannis Demertzis,et al.  Searchable Encryption with Optimal Locality: Achieving Sublogarithmic Read Efficiency , 2018, IACR Cryptol. ePrint Arch..

[47]  Vitaly Shmatikov,et al.  Why Your Encrypted Database Is Not Secure , 2017, HotOS.

[48]  Ian Miers,et al.  IO-DSSE: Scaling Dynamic Searchable Encryption to Millions of Indexes By Improving Locality , 2017, NDSS.

[49]  Abhi Shelat,et al.  Multi-Key Searchable Encryption, Revisited , 2018, IACR Cryptol. ePrint Arch..

[50]  Kevin Yeo,et al.  Lower Bounds for Differentially Private RAMs , 2019, Electron. Colloquium Comput. Complex..

[51]  Daniel Wichs,et al.  Is There an Oblivious RAM Lower Bound for Online Reads? , 2018, Journal of Cryptology.

[52]  Kasper Green Larsen,et al.  Crossing the logarithmic barrier for dynamic Boolean data structure lower bounds , 2017, Electron. Colloquium Comput. Complex..

[53]  Alptekin Küpçü,et al.  Efficient Dynamic Searchable Encryption with Forward Privacy , 2017, Proc. Priv. Enhancing Technol..

[54]  Kasper Green Larsen,et al.  Yes, There is an Oblivious RAM Lower Bound! , 2018, IACR Cryptol. ePrint Arch..

[55]  Gil Segev,et al.  Tight Tradeoffs in Searchable Symmetric Encryption , 2018, IACR Cryptol. ePrint Arch..

[56]  Rasool Jalili,et al.  New Constructions for Forward and Backward Private Symmetric Searchable Encryption , 2018, CCS.

[57]  Kartik Nayak,et al.  OptORAMa: Optimal Oblivious RAM , 2020, IACR Cryptol. ePrint Arch..

[58]  K. Paterson,et al.  Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[59]  Sarvar Patel,et al.  PanORAMa: Oblivious RAM with Logarithmic Overhead , 2018, 2018 IEEE 59th Annual Symposium on Foundations of Computer Science (FOCS).

[60]  Seny Kamara,et al.  Structured Encryption and Leakage Suppression , 2018, IACR Cryptol. ePrint Arch..

[61]  Seny Kamara,et al.  Computationally Volume-Hiding Structured Encryption , 2019, EUROCRYPT.

[62]  Pierre-Alain Fouque,et al.  Security-Efficiency Tradeoffs in Searchable Encryption , 2019, IACR Cryptol. ePrint Arch..

[63]  Moti Yung,et al.  Mitigating Leakage in Secure Cloud-Hosted Data Structures: Volume-Hiding for Multi-Maps via Hashing , 2019, CCS.

[64]  Sarvar Patel,et al.  What Storage Access Privacy is Achievable with Small Overhead? , 2019, IACR Cryptol. ePrint Arch..

[65]  Kasper Green Larsen,et al.  Lower Bounds for Multi-Server Oblivious RAMs , 2019, IACR Cryptol. ePrint Arch..

[66]  Kasper Green Larsen,et al.  Lower Bounds for Oblivious Data Structures , 2018, SODA.

[67]  Marie-Sarah Lacharité,et al.  Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks , 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[68]  Karel Král,et al.  Stronger Lower Bounds for Online ORAM , 2019, TCC.

[69]  Tal Malkin,et al.  Lower Bounds for Oblivious Near-Neighbor Search , 2019, IACR Cryptol. ePrint Arch..

[70]  Roberto Tamassia,et al.  The State of the Uniform: Attacks on Encrypted Databases Beyond the Uniform Query Distribution , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[71]  Daniel Wichs,et al.  Is There an Oblivious RAM Lower Bound for Online Reads? , 2021, J. Cryptol..