efficient dynamic searchable encryption
play

Efficient Dynamic Searchable Encryption with Forward Privacy - PowerPoint PPT Presentation

Mar 02, 2023 •664 likes •1.57k views

Efficient Dynamic Searchable Encryption with Forward Privacy Mohammad Alptekin Charalampos David Kp Etemad Papamanthou Evans Efficient Dynamic Searchable Encryption with Forward Privacy Etemad, Kp , Papamanthou, Evans, PETS

  1. Efficient Dynamic Searchable Encryption with Forward Privacy Mohammad Alptekin Charalampos David Küpçü Etemad Papamanthou Evans Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 1

  2. Problem Definition  Outsourced data should be encrypted for confidentiality.  The user want to perform search to access a particular data or selectively retrieve the outsourced files.  Search over the encrypted data? Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 4

  3. Trivial Secure but Inefficient Solution Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 7

  4. Trivial Secure but Inefficient Solution Encrypt Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 8

  5. Trivial Secure but Inefficient Solution Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 9

  6. Trivial Secure but Inefficient Solution Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 10

  7. Trivial Secure but Inefficient Solution Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 11

  8. Trivial Secure but Inefficient Solution Decrypt Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 12

  9. Trivial Secure but Inefficient Solution Decrypt Local Search Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 13

  10. Searchable Encryption  Index-based solutions Efficiency Security Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 15

  11. Searchable Encryption  Index-based solutions Efficiency  Files f = {f 1 , f 2 , …, f n } Security  Dictionary W = {w 1 , w 2 , …, w m } Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 16

  12. Searchable Encryption  Index-based solutions Efficiency  Files f = {f 1 , f 2 , …, f n } Security  Dictionary W = {w 1 , w 2 , …, w m }  For each keyword w i in dictionary W:  F w i = {identifiers of all files containing w i } Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 17

  13. Searchable Encryption  Index-based solutions Efficiency  Files f = {f 1 , f 2 , …, f n } Security  Dictionary W = {w 1 , w 2 , …, w m }  For each keyword w i in dictionary W:  F w i = {identifiers of all files containing w i }  Generate a key K w i = F(K, w i ) Pseudo Random Function  Encrypt F w i under K w i Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 18

  14. Searchable Encryption  Index-based solutions Efficiency  Files f = {f 1 , f 2 , …, f n } Security  Dictionary W = {w 1 , w 2 , …, w m }  For each keyword w i in dictionary W:  F w i = {identifiers of all files containing w i }  Generate a key K w i = F(K, w i ) Pseudo Random Function  Encrypt F w i under K w i  Store them at (random) locations in the index  Outsource the encrypted index together with the encrypted files Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 19

  15. Searchable Encryption Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 20

  16. Searchable Encryption PreComputation Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 21

  17. Searchable Encryption PreComputation Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 22

  18. Searchable Encryption PreComputation Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 23

  19. Searchable Encryption PreComputation Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 24

  20. Searchable Encryption Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 25

  21. Searchable Encryption Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 26

  22. Searchable Encryption Retrieve the files containing a keyword w i Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 27

  23. Searchable Encryption Retrieve the files containing a keyword w i w i Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 28

  24. Searchable Encryption Retrieve the files containing a keyword w i Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 29

  25. Searchable Encryption Retrieve the files containing a keyword w i Decrypt Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 30

  26. The Leakages  Search leakage  The set of encrypted files containing w i (Access pattern: f wi,t )  Needed for efficient response  Server does not know the keyword or the contents of files! Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 33

  27. The Leakages  Search leakage  The set of encrypted files containing w i (Access pattern: f wi,t )  Needed for efficient response  Server does not know the keyword or the contents of files!  How many times a keyword is searched for (Search pattern: SP )  The tokens are deterministic! Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 34

  28. The Leakages  File Insertion leakage (for dynamic schemes without forward privacy)  File identifier ( e j )  File size (| f j |) Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 35

  29. The Leakages  File Insertion leakage (for dynamic schemes without forward privacy)  File identifier ( e j )  File size (| f j |)  Number of keywords in the file and if any of them was previously queried  They are encrypted under a key that is already revealed to the server.  If all keywords of a new file have already been queried, the server knows all its (encrypted) keywords upon insertion! Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 36

  30. Exploiting Leakage  The leakages can be used to compromise confidentiality of the data and queries  Access pattern attacks [IKK12, NKW15, CGPR15]  Search pattern attacks [LZWT14]  File injection attacks [ZKP16] Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 37

  31. Exploiting Leakage  The leakages can be used to compromise confidentiality of the data and queries  Access pattern attacks [IKK12, NKW15, CGPR15]  Search pattern attacks [LZWT14]  File injection attacks [ZKP16]  Without forward privacy, the server can link a new file to the previously queried keywords upon insertion for free! Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 38

  32. Exploiting Leakage  The leakages can be used to compromise confidentiality of the data and queries  Access pattern attacks [IKK12, NKW15, CGPR15]  Search pattern attacks [LZWT14]  File injection attacks [ZKP16]  Without forward privacy, the server can link a new file to the previously queried keywords upon insertion for free!  Forward privacy prevents this leakage.  Makes adaptive injection attacks less effective [ZKP16]. Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 39

  33. Forward Privacy  With forward privacy, the insertion leakage is limited to:  File identifier  File size  Number of keywords in the file and if any of them was previously queried  The server cannot link the new file to the previous searches Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 40

  34. Our Scheme  Upon a search:  Client reveals the respective key to the server,  Server deletes all accessed index entries,  Client re-inserts them encrypted under a fresh key at new random locations in the index. Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 41

  35. Our Scheme  Upon a search:  Client reveals the respective key to the server,  Server deletes all accessed index entries,  Client re-inserts them encrypted under a fresh key at new random locations in the index.  Slides:  Honest-but-curious server  Small but non-constant client storage Efficient Dynamic Searchable Encryption with Forward Privacy – Etemad, Küpçü , Papamanthou, Evans, PETS 2018 42

Recommend

Backward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates Hyung Tae Lee

Backward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates Hyung Tae Lee

Backward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates Hyung Tae Lee Chonbuk National University, Republic of Korea June 14, 2019@ Workshop on Modern Trends in Cryptography Table of contents 1. Introduction 2.

537 views • 25 slides
Dynamic Searchable M. Naveed, Encryption via Blind M. Prabhakaran, C.A. Gunter Storage

Dynamic Searchable M. Naveed, Encryption via Blind M. Prabhakaran, C.A. Gunter Storage

Dynamic Searchable M. Naveed, Encryption via Blind M. Prabhakaran, C.A. Gunter Storage Presented by: Keegan Sherman and Pardeep Banwait Searchable Symmetric Encryption Allows a user to store a collection of encrypted documents and

350 views • 24 slides
Searchable Encryption Prepared for 600.624 February 9, 2006 Outline Motivation of

Searchable Encryption Prepared for 600.624 February 9, 2006 Outline Motivation of

Searchable Encryption Prepared for 600.624 February 9, 2006 Outline Motivation of Searchable Encryption Searchable Encryption Constructions of Song, Wagner and Perrig Discussion Related Work Conjunctive Keyword

753 views • 51 slides
FORWARD PRIVATE SEARCHABLE ENCRYPTION & BEYOND 22/02/2017 MIT - RAPHAEL BOST DATE

FORWARD PRIVATE SEARCHABLE ENCRYPTION & BEYOND 22/02/2017 MIT - RAPHAEL BOST DATE

FORWARD PRIVATE SEARCHABLE ENCRYPTION & BEYOND 22/02/2017 MIT - RAPHAEL BOST DATE Searchable Encryption Outsource data securely keep search functionalities Generic Solutions Fully Homomorphic Encryption, MPC, ORAM

578 views • 37 slides
Dynamic Searchable Symmetric Encryption DSSE INTRODUCTION TO CYBER SECURITY ESTR 4306 | LIU

Dynamic Searchable Symmetric Encryption DSSE INTRODUCTION TO CYBER SECURITY ESTR 4306 | LIU

Dynamic Searchable Symmetric Encryption DSSE INTRODUCTION TO CYBER SECURITY ESTR 4306 | LIU YICUN Motivating Problem The clients want a encrypted database which can update dynamically. The clients want to do the updates without re-encrypting

898 views • 25 slides
Dynamic Searchable Encryption with Small Client Storage Ioannis Demertzis Javad Ghareh Chamani

Dynamic Searchable Encryption with Small Client Storage Ioannis Demertzis Javad Ghareh Chamani

Dynamic Searchable Encryption with Small Client Storage Ioannis Demertzis Javad Ghareh Chamani University of Maryland HKUST and Sharif University of Technology jgc@cse.ust.hk yannis@umd.edu Dimitrios Papadopoulos Charalampos Papamathou

561 views • 39 slides
Sophos and Diane Searchable Symmetric Encryption with (Very) Low Overhead Raphael Bost, Brice

Sophos and Diane Searchable Symmetric Encryption with (Very) Low Overhead Raphael Bost, Brice

Sophos and Diane Searchable Symmetric Encryption with (Very) Low Overhead Raphael Bost, Brice Minaud RHUL ISG seminar, November 24th 2016 Plan 1. Symmetric Searchable Encryption. 2. Leakage and Forward-Privacy. 3. Sophos and Diane schemes. 4.

479 views • 45 slides
Searching on/Testing Encrypted Data Lecture 23 Searchable Encryption Searchable Encryption A

Searching on/Testing Encrypted Data Lecture 23 Searchable Encryption Searchable Encryption A

Searching on/Testing Encrypted Data Lecture 23 Searchable Encryption Searchable Encryption A test key T w that allows one to test if Dec SK (C) = w Searchable Encryption A test key T w that allows one to test if Dec SK (C) = w No other

1.62k views • 116 slides
in Searchable Symmetric Encryption Kaoru Kurosawa and Yasuhiro Ohtaki Ibaraki University, Japan

in Searchable Symmetric Encryption Kaoru Kurosawa and Yasuhiro Ohtaki Ibaraki University, Japan

How to Update Documents Verifiably in Searchable Symmetric Encryption Kaoru Kurosawa and Yasuhiro Ohtaki Ibaraki University, Japan Outline (1) Introduction (2) Our (previous) verifiable SSE scheme (3) Extend it to a dynamic SSE scheme (but

1.13k views • 70 slides
Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1

Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1

Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1 Yesterday Motivation for searchable encryption First SSE scheme [SWP00] Attacks on [SWP00] Conjunctive SSE [GSW04,PKL04,BKM05] 2

703 views • 24 slides
Searchable Encryption From Theory to Implementation Raphael Bost Direction Gnrale de

Searchable Encryption From Theory to Implementation Raphael Bost Direction Gnrale de

Searchable Encryption From Theory to Implementation Raphael Bost Direction Gnrale de lArmement - Maitrise de lInformation & Universit de Rennes 1 ECRYPT NET Workshop - Crypto for the Cloud & Implementation - 28/06/2017

793 views • 43 slides
Understanding and Mitigating Leakage-Abuse Attacks against Searchable Encryption Raphael Bost 1 ,

Understanding and Mitigating Leakage-Abuse Attacks against Searchable Encryption Raphael Bost 1 ,

Understanding and Mitigating Leakage-Abuse Attacks against Searchable Encryption Raphael Bost 1 , Pierre-Alain Fouque 2 , Brice Minaud 3 1 Direction Gnrale de lArmement - Matrise de lInformation 2 Universit de Rennes 1 3 INRIA &

836 views • 45 slides
Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced

Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced

Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced Allocations Gilad Asharov Cornell-Tech (Hebrew University) Moni Naor Weizmann Gil Segev

827 views • 56 slides
Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced

Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced

Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced Allocations Gilad Asharov IBM Research Moni Naor Weizmann Gil Segev Hebrew

1.01k views • 42 slides
The Locality of Searchable Symmetric Encryption David Cash Stefano Tessaro Rutgers U UC Santa

The Locality of Searchable Symmetric Encryption David Cash Stefano Tessaro Rutgers U UC Santa

The Locality of Searchable Symmetric Encryption David Cash Stefano Tessaro Rutgers U UC Santa Barbara 1 Outsourced storage and searching Browser only downloads documents matching query. Avoids downloading all 6 GB. 2 End-to-end

477 views • 47 slides
Forward Private Searchable Symmetric Encryption with Optimized I/O Efficiency Changyu Dong

Forward Private Searchable Symmetric Encryption with Optimized I/O Efficiency Changyu Dong

Forward Private Searchable Symmetric Encryption with Optimized I/O Efficiency Changyu Dong <changyu.dong@newcastle.ac.uk> Joint work with Xiangfu Song, Dandan Yuan, Qiuliang Xu, Minghao Zhao Motivation: Data Outsourcing Explosive

551 views • 29 slides
Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model

Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model

Lower Bounds for Encrypted Multi-Maps and Searchable Encryption in the Leakage Cell Probe Model Sarvar Patel*, Giuseppe Persiano** and Kevin Yeo* *Google **University of Salerno Key k i was queried. Privacy-Preserving Storage Protocols Key k i

1.11k views • 81 slides
Searchable Encryption with Optimal Locality: Achieving Sublogarithmic Read Efficiency Charalampos

Searchable Encryption with Optimal Locality: Achieving Sublogarithmic Read Efficiency Charalampos

Searchable Encryption with Optimal Locality: Achieving Sublogarithmic Read Efficiency Charalampos Papamanthou Ioannis Demertzis Dimitris Papadopoulos Hong Kong UST University of Maryland University of Maryland yannis@umd.edu

753 views • 26 slides
Searchable Encryption, Leakage-Abuse Attacks, and Statistical Learning Theory Paul Grubbs,

Searchable Encryption, Leakage-Abuse Attacks, and Statistical Learning Theory Paul Grubbs,

Searchable Encryption, Leakage-Abuse Attacks, and Statistical Learning Theory Paul Grubbs, Marie-Sarah Lacharit, Brice Minaud, Kenny Paterson eprint 2019/011 and IEEE S&P 2019. (also eprint 2018/965, CCS 2018.) AriC crypto seminar, ENS

651 views • 48 slides
Tight Tradeoffs in Searchable Symmetric Encryption Gilad Asharov Gil Segev Ido Shahaf Cornell

Tight Tradeoffs in Searchable Symmetric Encryption Gilad Asharov Gil Segev Ido Shahaf Cornell

Tight Tradeoffs in Searchable Symmetric Encryption Gilad Asharov Gil Segev Ido Shahaf Cornell Hebrew Hebrew Tech University University The Efficiency of SSE [CT14] 2 Existing Schemes and Lower Bounds Space Locality Read efficiency

649 views • 12 slides
Some applications and protocols Internet Casino Identity-based encryption Commitment

Some applications and protocols Internet Casino Identity-based encryption Commitment

Some applications and protocols Internet Casino Identity-based encryption Commitment Functional encryption Shared coin flips Fully-homomorphic encryption APPLICATIONS AND PROTOCOLS Threshold cryptography Searchable

399 views • 11 slides
Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 Many Approaches Stream

Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 Many Approaches Stream

Boolean Searchable Symmetric Encryption with Worst-Case Sub-Linear Complexity Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 Many Approaches Stream ciphers [SWP00] Bucketing [HILM02] Structured and searchable

1.2k views • 104 slides
Efficient Threshold Encryption from Lossy Trapdoor Functions Xiang Xie, Rui Xue and Rui Zhang

Efficient Threshold Encryption from Lossy Trapdoor Functions Xiang Xie, Rui Xue and Rui Zhang

Efficient Threshold Encryption from Lossy Trapdoor Functions Xiang Xie, Rui Xue and Rui Zhang SKLOIS Chinese Academy of Sciences Outline Background Our Results Our Constructions Conclusions 2 Threshold Public Key Encryption

854 views • 32 slides
Efficient Ring-LWE Encryption on 8-bit AVR Processors . Zhe Liu 1 Hwajeong Seo 2 Sujoy Sinha Roy

Efficient Ring-LWE Encryption on 8-bit AVR Processors . Zhe Liu 1 Hwajeong Seo 2 Sujoy Sinha Roy

Short Overview Ring-LWE Encryption Scheme Our Implementation Implementation Results Conclusion . Efficient Ring-LWE Encryption on 8-bit AVR Processors . Zhe Liu 1 Hwajeong Seo 2 Sujoy Sinha Roy 3 adl 1 Howon Kim 2 Ingrid Verbauwhede 3

1.4k views • 102 slides

More recommend