Encrypted Databases: New Volume Attacks against Range Queries

We present a range of novel attacks which exploit information about the volume of answers to range queries in encrypted database. Our attacks rely on a strategy which is simple yet robust and effective. We illustrate the robustness of our strategy in a number of ways. We show how i) to adapt the attack for several variations of a basic usage scenario ii) to defeat countermeasures intended to thwart the premise of our basic attack and iii) to perform partial reconstruction of secret data when unique reconstruction is information theoretically impossible. Furthermore, over the state of the art, our attacks require one order of magnitude fewer queries. We show how to improve the attacks even further, under the assumption that some partial information is known to the adversary. We validate experimentally all of our attacks through extensive experiments on real-world medical data and justify theoretically the effectiveness of our strategy for the basic attack scenario. Our new attacks further underscore the difficulty of striking an appropriate functionality-security trade-off for encrypted databases.

[1]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[2]  Adam O'Neill,et al.  Accessing Data while Preserving Privacy , 2017, ArXiv.

[3]  Willy Susilo,et al.  A Secure Channel Free Public Key Encryption with Keyword Search Scheme without Random Oracle , 2009, CANS.

[4]  Carlo Curino,et al.  Relational Cloud: a Database Service for the cloud , 2011, CIDR.

[5]  L. Gordon,et al.  Two moments su ce for Poisson approx-imations: the Chen-Stein method , 1989 .

[6]  Joonsang Baek,et al.  On the Integration of Public Key Data Encryption and Public Key Encryption with Keyword Search , 2006, ISC.

[7]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[8]  K. Paterson,et al.  Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[9]  C. Stein A bound for the error in the normal approximation to the distribution of a sum of dependent random variables , 1972 .

[10]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[11]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[12]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[13]  Adam O'Neill,et al.  Generic Attacks on Secure Outsourced Databases , 2016, CCS.

[14]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[15]  Louis H. Y. Chen An approximation theorem for sums of certain randomly selected indicators , 1975 .

[16]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[17]  Marie-Sarah Lacharité,et al.  Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks , 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[18]  Louis H. Y. Chen Poisson Approximation for Dependent Trials , 1975 .

[19]  Marie-Sarah Lacharité,et al.  Pump up the Volume: Practical Database Reconstruction from Volume Leakage on Range Queries , 2018, CCS.