Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

Practical Attacks on Relational Databases Protected via Searchable Encryption

Abdelraheem, Mohamed Ahmed ; Andersson, Tobias ; Gehrmann, Christian LU and Glackin, Cornelius (2018) 21st Information Security Conference, ISC 2018 In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 11060 LNCS. p.171-191
Abstract

Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a... (More)

Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.

(Less)
Please use this url to cite or link to this publication:
author
; ; and
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
host publication
Information Security - 21st International Conference, ISC 2018, Proceedings
series title
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
editor
Chen, Liqun ; Manulis, Mark and Schneider, Steve
volume
11060 LNCS
pages
21 pages
publisher
Springer
conference name
21st Information Security Conference, ISC 2018
conference location
Guildford, United Kingdom
conference dates
2018-09-09 - 2018-09-12
external identifiers
  • scopus:85053994380
ISSN
0302-9743
1611-3349
ISBN
9783319991351
DOI
10.1007/978-3-319-99136-8_10
project
Cyber Security for Next Generation Factory (SEC4FACTORY)
Cloudification of Production Engineering for Predictive Digital Manufacturing
language
English
LU publication?
yes
id
4caa6e7a-10ab-4421-906e-12c454a4dee2
date added to LUP
2018-10-22 14:19:08
date last changed
2024-09-03 04:28:12
@inproceedings{4caa6e7a-10ab-4421-906e-12c454a4dee2,
  abstract     = {{<p>Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.</p>}},
  author       = {{Abdelraheem, Mohamed Ahmed and Andersson, Tobias and Gehrmann, Christian and Glackin, Cornelius}},
  booktitle    = {{Information Security - 21st International Conference, ISC 2018, Proceedings}},
  editor       = {{Chen, Liqun and Manulis, Mark and Schneider, Steve}},
  isbn         = {{9783319991351}},
  issn         = {{0302-9743}},
  language     = {{eng}},
  pages        = {{171--191}},
  publisher    = {{Springer}},
  series       = {{Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)}},
  title        = {{Practical Attacks on Relational Databases Protected via Searchable Encryption}},
  url          = {{http://dx.doi.org/10.1007/978-3-319-99136-8_10}},
  doi          = {{10.1007/978-3-319-99136-8_10}},
  volume       = {{11060 LNCS}},
  year         = {{2018}},
}