Kamara, Seny ; Kati, Abdelkarim ; Moataz, Tarik ; Schneider, Thomas ; Treiber, Amos ; Yonli, Michael (2021)
Cryptanalysis of encrypted search with LEAKER - a framework for LEakage AttacK Evaluation on Real-world data.
Report, Bibliographie
Kurzbeschreibung (Abstract)
An encrypted search algorithm (ESA) allows a user to encrypt its data while preserving the ability to search over it. As all practical solutions leak some information, cryptanalysis plays an important role in the area of encrypted search. Starting with the work by Islam et al. (NDSS'12), many attacks have been proposed that exploit different leakage profiles under various assumptions. While they aim to improve our common understanding of leakage, it is difficult to draw definite conclusions about their practical risk. This uncertainty stems from many limitations including a lack of reproducibility due to closed-source implementations, empirical evaluations conducted on small and/or unrealistic data, and reliance on very strong assumptions that can significantly affect accuracy. Particularly, assumptions made about the query distribution do not have any empirical basis because datasets containing users' queries are hard to find.
In this work, we address the main limitations of leakage cryptanalysis. First, we design and implement an open-source framework called LEAKER that can evaluate the major leakage attacks against a given dataset and can serve as a common leakage analysis reference for the community. We identify new real-world datasets that capture different use cases for ESAs and, for the first time, include real-world user queries. Finally, we use LEAKER to evaluate known attacks on our datasets to assess their practical risks and gain insights about the properties that increase or diminish their accuracy.
| Typ des Eintrags: | Report |
|---|---|
| Erschienen: | 2021 |
| Autor(en): | Kamara, Seny ; Kati, Abdelkarim ; Moataz, Tarik ; Schneider, Thomas ; Treiber, Amos ; Yonli, Michael |
| Art des Eintrags: | Bibliographie |
| Titel: | Cryptanalysis of encrypted search with LEAKER - a framework for LEakage AttacK Evaluation on Real-world data |
| Sprache: | Englisch |
| Publikationsjahr: | 9 August 2021 |
| Verlag: | Cryptology ePrint Archive |
| (Heft-)Nummer: | Preprint |
| URL / URN: | https://eprint.iacr.org/2021/1035 |
| Kurzbeschreibung (Abstract): | An encrypted search algorithm (ESA) allows a user to encrypt its data while preserving the ability to search over it. As all practical solutions leak some information, cryptanalysis plays an important role in the area of encrypted search. Starting with the work by Islam et al. (NDSS'12), many attacks have been proposed that exploit different leakage profiles under various assumptions. While they aim to improve our common understanding of leakage, it is difficult to draw definite conclusions about their practical risk. This uncertainty stems from many limitations including a lack of reproducibility due to closed-source implementations, empirical evaluations conducted on small and/or unrealistic data, and reliance on very strong assumptions that can significantly affect accuracy. Particularly, assumptions made about the query distribution do not have any empirical basis because datasets containing users' queries are hard to find. In this work, we address the main limitations of leakage cryptanalysis. First, we design and implement an open-source framework called LEAKER that can evaluate the major leakage attacks against a given dataset and can serve as a common leakage analysis reference for the community. We identify new real-world datasets that capture different use cases for ESAs and, for the first time, include real-world user queries. Finally, we use LEAKER to evaluate known attacks on our datasets to assess their practical risks and gain insights about the properties that increase or diminish their accuracy. |
| Fachbereich(e)/-gebiet(e): | DFG-Graduiertenkollegs DFG-Graduiertenkollegs > Graduiertenkolleg 2050 Privacy and Trust for Mobile Users |
| Hinterlegungsdatum: | 10 Feb 2022 10:13 |
| Letzte Änderung: | 10 Feb 2022 10:13 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum