Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 - PowerPoint PPT Presentation

Overview: Set Structure with I/E-based Unions id 3 id 1 id 4 id 3 Id 4 Id 2 20

Overview: Set Structure with I/E-based Unions id 3 id 1 id 4 Global Multi-map MM w 1 id 1 id 3 id 4 w 2 id 3 id 3 w 3 id 2 id 4 Id 4 Id 2 20

Overview: Set Structure with I/E-based Unions Local Multi-map MM 1 id 3 id 3 w 1 ⋀ w 2 id 1 w 1 ⋀ w 3 id 4 id 4 Global Multi-map MM w 1 id 1 id 3 id 4 Local Multi-map MM 2 w 2 id 3 id 3 w 2 ⋀ w 1 id 3 w 3 id 2 id 4 Local Multi-map MM 3 id 4 w 3 ⋀ w 1 Id 4 Id 2 20

IEX: Setup Multi-map MM Setup IEX 1 k , w 1 id 1 id 3 id 4 w 2 id 3 w 3 id 2 id 4 21

IEX: Setup Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 E(id 2 ; w 3 ) w 3 w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) E(id 1 ; w 1 ) w 1 Multi-map MM Setup IEX 1 k , w 1 id 1 id 3 id 4 Encrypted local Multi-map EMM 1 , w 1 ⋀ w 2 w 2 id 3 E(id 3 ; w 1 ) w 1 ⋀ w 3 E(id 4 ; w 1 ) w 3 id 2 id 4 Encrypted local Multi-map EMM 1 w 2 ⋀ w 1 E(id 3 ; w 2 ) Encrypted local Multi-map EMM 2 w 3 ⋀ w 1 E(id 3 ; w 3 ) 21

IEX: Setup Multi-map MM Setup IEX 1 k , w 1 id 1 id 3 id 4 , w 2 id 3 w 3 id 2 id 4 22

IEX: Setup Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 E(id 2 ; w 3 ) w 3 w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) w 1 E(id 1 ; w 1 ) Multi-map MM Encrypted Dictionary EDX Setup IEX 1 k , w 1 id 1 id 3 id 4 , Encrypted local Multi-map EMM 1 w 2 id 3 w 1 ⋀ w 2 E(id 3 ; w 1 ) 1 w 1 ⋀ w 3 E(id 4 ; w 1 ) w 3 id 2 id 4 Encrypted local Multi-map EMM 1 2 w 2 ⋀ w 1 E(id 3 ; w 2 ) Encrypted local Multi-map EMM 2 3 w 3 ⋀ w 1 E(id 3 ; w 3 ) 22

IEX: Token ∨ , w 1 w 3 Token IEX 23

IEX: Token ∨ , w 1 w 1 w 3 Token IEX Global sub-token 23

IEX: Token ∨ , w 1 w 1 w 3 w 3 Token IEX Global Global sub-token sub-token 23

IEX: Token ∨ , w 1 w 1 w 3 1 w 3 Token IEX Global Global dictionary sub-token sub-token sub-token 23

IEX: Token ∨ , w 1 w 1 ⋀ w 3 w 1 w 3 1 w 3 Token IEX Global Global dictionary Local sub-token sub-token sub-token sub-token 23

IEX: Get Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 E(id 2 ; w 3 ) w 3 w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) w 1 E(id 1 ; w 1 ) Encrypted Dictionary EDX , Encrypted local Multi-map EMM 1 Get IEX w 1 ⋀ w 3 w 1 w 3 1 w 1 ⋀ w 2 E(id 3 ; w 1 ) 1 w 1 ⋀ w 3 E(id 4 ; w 1 ) Encrypted local Multi-map EMM 1 2 w 2 ⋀ w 1 E(id 3 ; w 2 ) Encrypted local Multi-map EMM 2 3 w 3 ⋀ w 1 E(id 3 ; w 3 ) 24

IEX: Get Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 , E(id 2 ; w 3 ) w 3 Get w 1 w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) E(id 1 ; w 1 ) w 1 25

IEX: Get Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 , E(id 2 ; w 3 ) w 3 Get w 1 E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 4 ; w 1 ) w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) E(id 1 ; w 1 ) w 1 25

IEX: Get Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 , E(id 2 ; w 3 ) w 3 Get w 1 E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 4 ; w 1 ) w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) E(id 1 ; w 1 ) w 1 Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 , w 3 Get E(id 2 ; w 3 ) w 3 w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) w 1 E(id 1 ; w 1 ) 25

IEX: Get Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 , E(id 2 ; w 3 ) w 3 Get w 1 E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 4 ; w 1 ) w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) E(id 1 ; w 1 ) w 1 Encrypted Global Multi-map EMM w 2 E(id 3 ; w 1 ) E(id 3 ; l 2 ) w 1 , w 3 Get E(id 2 ; w 3 ) w 3 E(id 2 ; w 3 ) E(id 4 ; w 3 ) w 1 E(id 4 ; w 1 ) w 3 E(id 4 ; w 3 ) w 1 E(id 1 ; w 1 ) 25

IEX: Lookup Encrypted Dictionary EDX Encrypted local Multi-map EMM 1 w 1 ⋀ w 2 E(id 3 ; w 1 ) 1 w 1 ⋀ w 3 E(id 4 ; w 1 ) , 1 Get Encrypted local Multi-map EMM 1 2 w 2 ⋀ w 1 E(id 3 ; w 2 ) Encrypted local Multi-map EMM 2 3 w 3 ⋀ w 1 E(id 3 ; w 3 ) 26

IEX: Lookup Encrypted Dictionary EDX Encrypted local Multi-map EMM 1 w 1 ⋀ w 2 E(id 3 ; w 1 ) 1 w 1 ⋀ w 3 E(id 4 ; w 1 ) Encrypted local Multi-map EMM 1 , w 1 ⋀ w 2 E(id 3 ; w 1 ) 1 Get Encrypted local Multi-map EMM 1 w 1 ⋀ w 3 E(id 4 ; w 1 ) 2 w 2 ⋀ w 1 E(id 3 ; w 2 ) Encrypted local Multi-map EMM 2 3 w 3 ⋀ w 1 E(id 3 ; w 3 ) 26

IEX: Lookup Encrypted local Multi-map EMM 1 , w 1 ⋀ w 3 w 1 ⋀ w 2 E(id 3 ; w 1 ) Get w 1 ⋀ w 3 E(id 4 ; w 1 ) 27

IEX: Lookup Encrypted local Multi-map EMM 1 , w 1 ⋀ w 3 w 1 ⋀ w 2 E(id 3 ; w 1 ) Get E(id 4 ; w 1 ) w 1 ⋀ w 3 E(id 4 ; w 1 ) 27

IEX: Lookup Encrypted local Multi-map EMM 1 , w 1 ⋀ w 3 w 1 ⋀ w 2 E(id 3 ; w 1 ) Get E(id 4 ; w 1 ) w 1 ⋀ w 3 E(id 4 ; w 1 ) E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 4 ; w 1 ) E(id 2 ; w 3 ) E(id 4 ; w 3 ) 27

IEX: Lookup Encrypted local Multi-map EMM 1 , w 1 ⋀ w 3 w 1 ⋀ w 2 E(id 3 ; w 1 ) Get E(id 4 ; w 1 ) w 1 ⋀ w 3 E(id 4 ; w 1 ) Result sent to the client E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 3 ; w 1 ) E(id 4 ; w 1 ) E(id 2 ; w 3 ) E(id 4 ; w 3 ) E(id 4 ; w 3 ) E(id 2 ; w 3 ) 27

IEX: Leakage • Black-box setup leakage • Setup leakage of global EMM • Setup leakage of EDX • Black-box query leakage for disjunction • Query leakage of global EMM • Query leakage of EDX 28

IEX: Leakage • Concrete setup leakage • Black-box setup leakage • Size of global MM • Setup leakage of global EMM • Total size of local MM • Setup leakage of EDX • Concrete query leakage • Black-box query leakage for • Search and access pattern of global MM disjunction • Search pattern of accessed local MMs • Query leakage of global EMM • Access pattern of accessed local MMs • Query leakage of EDX • Tags of accessed local MMs • Setup leakage of local MMs • Search and access pattern of DX 28

IEX: Leakage Less leakage than OXT • Concrete setup leakage • Black-box setup leakage • Size of global MM • Setup leakage of global EMM • Total size of local MM • Setup leakage of EDX • Concrete query leakage • Black-box query leakage for • Search and access pattern of global MM disjunction • Search pattern of accessed local MMs • Query leakage of global EMM • Access pattern of accessed local MMs • Query leakage of EDX • Tags of accessed local MMs • Setup leakage of local MMs • Search and access pattern of DX 28

IEX: Asymptotics • Communication complexity is optimal 29

IEX: Asymptotics • Communication complexity is optimal • Worst-case search complexity (q keywords) • Sub-linear in where 29

IEX: Asymptotics • Communication complexity is optimal • Worst-case search complexity (q keywords) • Sub-linear in where • Storage 29

Improving IEX Storage Overhead • Can we make IEX more compact? • Problem is local EMMs are too large 30

Improving IEX Storage Overhead • Can we make IEX more compact? • Problem is local EMMs are too large • Use Z-IDX [Goh03] as local EMM? • Linear search complexity is OK • Very compact (based on Bloom filters) • Not adaptively-secure! 30

Improving IEX Storage Overhead • Can we make IEX more compact? • Problem is local EMMs are too large • Use Z-IDX [Goh03] as local EMM? • Linear search complexity is OK • Very compact (based on Bloom filters) • Not adaptively-secure! • Z-IDX can be made adaptively-secure • But token size too large (far from optimal) 30

Improving IEX Storage Overhead • Matryoshka filters • New nested Bloom filters with variable size and fixed hash functions 31

Improving IEX Storage Overhead • Matryoshka filters • New nested Bloom filters with variable size and fixed hash functions • Encrypted Matryoshka filters • Based on online ciphers • Adaptively-secure • Compact structure • Optimal token size • Linear search complexity 31

Evaluation (up to 61M keyword/id pairs) 32

Evaluation (up to 61M keyword/id pairs) OXT 200 ms 32

Evaluation (up to 61M keyword/id pairs) 10 × OXT 200 ms 32

Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 - PowerPoint PPT Presentation

Boolean Searchable Symmetric Encryption with Worst-Case Sub-Linear Complexity Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 Many Approaches Stream ciphers [SWP00] Bucketing [HILM02] Structured and searchable

Pixek Seny Kamara,Tarik Moataz, Martin Zhu 1 2 9,198,580,293* 4% * since 2013 3 Why so Few?

SQL on Structurally-Encrypted Databases Seny Kamara Tarik Moataz Q : What is a relational

Breach-Resistant Structured Encryption Ghous Amjad, Seny Kamara & Tarik Moataz 2 Databases

Structured Encryption and Leakage Suppression Tarik Moataz Part I is a joint work with Seny

Revisiting Leakage Abuse Attacks Laura Blackstone Seny Kamara Tarik Moataz AROKI SYSTEMS

Encrypted Search: Intro & Basics Seny Kamara 2 14,717,618,286* 4% * since 2013 3 Why so

Enc Encryp ypted Sear ed Search h Seny Kamara Brown University 2 3 4 Q: Why is this

Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1:

Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

How to Search on Encrypted Data SENY KAMARA MICROSOFT RESEARCH Encryption 2 Gen ( 1 k )

Crypto for the People Seny Kamara 2 3 4 5 Perspective as a Black person as an

Restructuring the NSA Metadata Program Seny Kamara Microsoft Research Thanks to: Timothy Edgar,

Proofs of Storage SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Cryptographic Cloud Storage: a proposal a proposal Seny Kamara, Kristin Lauter Cryptography

Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Structured Encryption Seny Kamara Microsoft Research Lei Wei University of North Carolina

OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople

Encryption Seny Kamara Microsoft Research Mariana Raykova IBM Research Big Data The scale

An Extensible Platform for Evaluating Security Protocols Seny Kamara joint with L. Ballard, R.

CS2 : A Searchable Cryptographic Cloud Storage System Seny Kamara (MSR) Charalampos Papamanthou

Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research

Salus Seny Kamara - Microsoft Research Payman Mohassel U. of Calgary Ben Riva Tel Aviv U.

Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1

Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 - PowerPoint PPT Presentation

Boolean Searchable Symmetric Encryption with Worst-Case Sub-Linear Complexity Seny Kamara Tarik Moataz Bob 2 Bob 2 I cant search! Bob 2 Many Approaches Stream ciphers [SWP00] Bucketing [HILM02] Structured and searchable

Pixek Seny Kamara,Tarik Moataz, Martin Zhu 1 2 9,198,580,293* 4% * since 2013 3 Why so Few?

SQL on Structurally-Encrypted Databases Seny Kamara Tarik Moataz Q : What is a relational

Breach-Resistant Structured Encryption Ghous Amjad, Seny Kamara &amp; Tarik Moataz 2 Databases

Structured Encryption and Leakage Suppression Tarik Moataz Part I is a joint work with Seny

Revisiting Leakage Abuse Attacks Laura Blackstone Seny Kamara Tarik Moataz AROKI SYSTEMS

Encrypted Search: Intro &amp; Basics Seny Kamara 2 14,717,618,286* 4% * since 2013 3 Why so

Enc Encryp ypted Sear ed Search h Seny Kamara Brown University 2 3 4 Q: Why is this

Encrypted Search: Leakage Suppression Seny Kamara How Should we Handle Leakage? Approach #1:

Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

How to Search on Encrypted Data SENY KAMARA MICROSOFT RESEARCH Encryption 2 Gen ( 1 k )

Crypto for the People Seny Kamara 2 3 4 5 Perspective as a Black person as an

Restructuring the NSA Metadata Program Seny Kamara Microsoft Research Thanks to: Timothy Edgar,

Proofs of Storage SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Cryptographic Cloud Storage: a proposal a proposal Seny Kamara, Kristin Lauter Cryptography

Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Structured Encryption Seny Kamara Microsoft Research Lei Wei University of North Carolina

OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople

Encryption Seny Kamara Microsoft Research Mariana Raykova IBM Research Big Data The scale

An Extensible Platform for Evaluating Security Protocols Seny Kamara joint with L. Ballard, R.

CS2 : A Searchable Cryptographic Cloud Storage System Seny Kamara (MSR) Charalampos Papamanthou

Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research

Salus Seny Kamara - Microsoft Research Payman Mohassel U. of Calgary Ben Riva Tel Aviv U.

Searchable Symmetric Encryption Seny Kamara Advanced Topics in Network Security Spring 2006 1

Breach-Resistant Structured Encryption Ghous Amjad, Seny Kamara & Tarik Moataz 2 Databases

Encrypted Search: Intro & Basics Seny Kamara 2 14,717,618,286* 4% * since 2013 3 Why so