Practical Attacks on Relational Databases Protected via Searchable Encryption
(2018) 21st Information Security Conference, ISC 2018 In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 11060 LNCS. p.171-191- Abstract
Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a... (More)
Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.
(Less)
- author
- Abdelraheem, Mohamed Ahmed ; Andersson, Tobias ; Gehrmann, Christian LU and Glackin, Cornelius
- organization
- publishing date
- 2018
- type
- Chapter in Book/Report/Conference proceeding
- publication status
- published
- subject
- host publication
- Information Security - 21st International Conference, ISC 2018, Proceedings
- series title
- Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
- editor
- Chen, Liqun ; Manulis, Mark and Schneider, Steve
- volume
- 11060 LNCS
- pages
- 21 pages
- publisher
- Springer
- conference name
- 21st Information Security Conference, ISC 2018
- conference location
- Guildford, United Kingdom
- conference dates
- 2018-09-09 - 2018-09-12
- external identifiers
-
- scopus:85053994380
- ISSN
- 0302-9743
- 1611-3349
- ISBN
- 9783319991351
- DOI
- 10.1007/978-3-319-99136-8_10
- project
- Cyber Security for Next Generation Factory (SEC4FACTORY)
- Cloudification of Production Engineering for Predictive Digital Manufacturing
- language
- English
- LU publication?
- yes
- id
- 4caa6e7a-10ab-4421-906e-12c454a4dee2
- date added to LUP
- 2018-10-22 14:19:08
- date last changed
- 2024-09-03 04:28:12
@inproceedings{4caa6e7a-10ab-4421-906e-12c454a4dee2, abstract = {{<p>Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.</p>}}, author = {{Abdelraheem, Mohamed Ahmed and Andersson, Tobias and Gehrmann, Christian and Glackin, Cornelius}}, booktitle = {{Information Security - 21st International Conference, ISC 2018, Proceedings}}, editor = {{Chen, Liqun and Manulis, Mark and Schneider, Steve}}, isbn = {{9783319991351}}, issn = {{0302-9743}}, language = {{eng}}, pages = {{171--191}}, publisher = {{Springer}}, series = {{Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)}}, title = {{Practical Attacks on Relational Databases Protected via Searchable Encryption}}, url = {{http://dx.doi.org/10.1007/978-3-319-99136-8_10}}, doi = {{10.1007/978-3-319-99136-8_10}}, volume = {{11060 LNCS}}, year = {{2018}}, }