Practical Attacks on Relational Databases Protected via Searchable Encryption
2018 (English)In: Lecture Notes in Computer Science, 2018, p. 171-191Conference paper, Published paper (Refereed)
Abstract [en]
Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.
Place, publisher, year, edition, pages
2018. p. 171-191
Keywords [en]
Query languages, Query processing, Security of data, E-mail archives, Inference attacks, Passive adversary, Relational Database, Searchable encryptions, Symmetric encryption, Unstructured data, Unstructured documents, Cryptography
National Category
Natural Sciences
Identifiers
URN: urn:nbn:se:ri:diva-35902DOI: 10.1007/978-3-319-99136-8_10Scopus ID: 2-s2.0-85053994380ISBN: 9783319991351 (print)OAI: oai:DiVA.org:ri-35902DiVA, id: diva2:1261489
Conference
Information Security - 21st International Conference, ISC 2018, Proceedings. 21st Information Security Conference, ISC 2018, Guildford, United Kingdom 2018-09-08 -- 2018-09-11
Note
Funding details: ICT-07-2014; Funding details: 644814; Funding text: Acknowledgments. This work was supported by European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814, the PaaSword project within the ICT Programme ICT-07-2014: Advanced Cloud Infrastructures and Services.
2018-11-072018-11-072019-01-18Bibliographically approved