Feng Liu,Kaiping Xue,Jinjiang Yang,Jing Zhang,Zixuan Huang,Jian Li,David S. L. Wei

DOI: https://doi.org/10.1109/tdsc.2023.3335304

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Searchable Symmetric Encryption (SSE) is a valuable cryptographic tool that allows a client to retrieve its outsourced data from an untrusted server via keyword search. Initially, SSE research primarily focused on the efficiency-security trade-off. However, in recent years, attention has shifted towards range queries instead of exact keyword searches, resulting in significant developments in the SSE field. Despite the advancements in SSE schemes supporting range queries, many are susceptible to leakage-abuse attacks due to volumetric profile leakage. Although several schemes exist to prevent volume leakage, these solutions prove inefficient when dealing with large-scale datasets. In this paper, we highlight the efficiency-security trade-off for range queries in SSE. Subsequently, we propose a volume-hiding range SSE scheme that ensures efficient operations on extensive datasets. Leveraging the order-weighted inverted index and bitmap structure, our scheme achieves high search efficiency while maintaining the confidentiality of the volumetric profile. To facilitate searching within large-scale datasets, we introduce a partitioning strategy that divides a broad range into disjoint partitions and stores the information in a local binary tree. Through an analysis of the leakage function, we demonstrate the security of our proposed scheme within the ideal/real model simulation paradigm. Our experimental results further validate the practicality of our scheme with real-life large-scale datasets.

Ghous Amjad,Sarvar Patel,Giuseppe Persiano,Kevin Yeo,Moti Yung

DOI: https://doi.org/10.56553/popets-2023-0025

2023-01-01

Proceedings on Privacy Enhancing Technologies

Abstract:We study encrypted storage schemes where a client outsources data to an untrusted third-party server (such as a cloud storage provider) while maintaining the ability to privately query and dynamically update the data. We focus on encrypted multi-maps (EMMs), a structured encryption (STE) scheme that stores pairs of label and value tuples. EMMs allow queries on labels and return the associated value tuple. As responses are variable-length, EMMs are subject to volume leakage attacks introduced by Kellaris et al. [CCS'16]. To prevent these attacks, volume-hiding EMMs were introduced by Kamara and Moataz [Eurocrypt'19] that hide the label volumes (i.e., the value tuple lengths). As our main contribution, we present the first fully dynamic volume-hiding EMMs that are both asymptotically and concretely efficient. Furthermore, they are simultaneously forward and backward private which are the de-facto standard security notions for dynamic STE schemes. Additionally, we implement our schemes to showcase their concrete efficiency. Our experimental evaluations show that our constructions are able to add dynamicity with minimal to no additional cost compared to the prior best static volume-hiding schemes of Patel et al. [CCS'19].

Dongli Liu,Wei Wang,Peng Xu,Laurence T. Yang,Bo Luo,Kaitai Liang

2024-03-02

Abstract:Dynamic Searchable Encryption (DSE) has emerged as a solution to efficiently handle and protect large-scale data storage in encrypted databases (EDBs). Volume leakage poses a significant threat, as it enables adversaries to reconstruct search queries and potentially compromise the security and privacy of data. Padding strategies are common countermeasures for the leakage, but they significantly increase storage and communication costs. In this work, we develop a new perspective to handle volume leakage. We start with distinct search and further explore a new concept called \textit{distinct} DSE (\textit{d}-DSE).

Cryptography and Security

Zhe-Ming Lu,Zhen Li

DOI: https://doi.org/10.1007/978-3-540-92238-4_18

2008-01-01

Abstract:In the digitized world nowadays, digital content (audio, images, video, 3D meshes, etc.) can be easily copied, manipulated and distributed. Copyright protection and integrity verification of digital content have become urgent problems for multimedia owners and distributors. In addition, to alleviate bandwidth requirements, vector quantization (VQ) is an effective and popular vertex data compression technique for triangle meshes. In this paper, we present a new data hiding method for 3D triangle meshes in the predictive VQ domain. The proposed method is reversible and enables the cover mesh data to be completely restored when the payload is removed from the VQ bitstream. The mechanism is embedding the payload by modifying the prediction rules during the VQ process. Besides, the hash of the cover mesh can be hidden for the self authentication purpose. Experimental results demonstrate the high capacity of the proposed data hiding scheme.

Peeyush Gupta,Sharad Mehrotra,Shantanu Sharma,Nalini Venkatasubramanian,Guoxi Wang

DOI: https://doi.org/10.48550/arXiv.2102.05238

2021-02-10

Cryptography and Security

Abstract:This paper proposes a system, entitled Concealer that allows sharing time-varying spatial data (e.g., as produced by sensors) in encrypted form to an untrusted third-party service provider to provide location-based applications (involving aggregation queries over selected regions over time windows) to users. Concealer exploits carefully selected encryption techniques to use indexes supported by database systems and combines ways to add fake tuples in order to realize an efficient system that protects against leakage based on output-size. Thus, the design of Concealer overcomes two limitations of existing symmetric searchable encryption (SSE) techniques: (i) it avoids the need of specialized data structures that limit usability/practicality of SSE in large scale deployments, and (ii) it avoids information leakages based on the output-size, which may leak data distributions. Experimental results validate the efficiency of the proposed algorithms over a spatial time-series dataset (collected from a smart space) and TPC-H datasets, each of 136 Million rows, the size of which prior approaches have not scaled to.

Zhenfei Zhao,KaYin Chau,Zheming Lu

2011-01-01

Abstract:Recently, a reversible secret sharing scheme has been developed for encrypting a secret image in a set of camouflage images. The key advantage lies in that both the secret and cover images can be accurately reconstructed during decryption. This paper proposes a high capacity data hiding scheme integrated in reversible secret sharing. In secret sharing, some extra confidential data are also hidden in camouflage images by means of a double module mechanism. As a multilevel histogram shifting strategy is employed, a high capacity can be achieved. In the decoder, not only the cover and secret images but also the confidential data can be perfectly recovered. The confidential data can be some affiliated information of the secret image or for validity authentication. Experimental results demonstrate the effectiveness of the proposed method.

Kui Ren,Yu Guo,Jiaqi Li,Xiaohua Jia,Cong Wang,Yajin Zhou,Sheng Wang,Ning Cao,Feifei Li

DOI: https://doi.org/10.1109/icdcs47774.2020.00014

2020-01-01

Abstract:An encrypted index is a data structure that assisting untrusted servers to provide various query functionalities in the ciphertext domain. Although traditional index designs can prevent servers from directly obtaining plaintexts, the confidentiality of outsourced data could still be compromised by observing the volume of different queries. Recent volume attacks have demonstrated the importance of sealing volume-pattern leakage. To this end, several works are made to design secure indexes with the volume-hiding property. However, prior designs only work for encrypted keyword search. Due to the unpredictable range query results, it is difficult to protect the volume-pattern leakage while achieving efficient range queries. In this paper, for the first time, we define and solve the challenging problem of volume-hiding range queries over encrypted data. Our proposed hybrid index framework, called HybrIDX, allows an untrusted server to efficiently search encrypted data based on order conditions without revealing the exact volume size. It resorts to the trusted hardware techniques to assist range query processing by moving the comparison algorithm to trusted SGX enclaves. To enable volume-hiding data retrieval, we propose to host encrypted results outside the enclave in an encrypted multi-maps manner. Apart from this novel hybrid index design, we further customize a bulk refresh mechanism to enable access-pattern obfuscation. We formally analyze the security strengths and complete the prototype implementation. Evaluation results demonstrate the feasibility and practicability of our designs.

Lei Xu,Huayi Duan,Anxin Zhou,Xingliang Yuan,Cong Wang

DOI: https://doi.org/10.1109/tifs.2021.3128823

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Searchable symmetric encryption (SSE) enables users to make confidential queries over always encrypted data while confining information disclosure to pre-defined leakage profiles. Despite the well-understood performance and potentially broad applications of SSE, recent leakage-abuse attacks (LAAs) are questioning its real-world security implications. They show that a passive adversary with certain prior information of a database can recover queries by exploiting the legitimately admitted leakage. While several countermeasures have been proposed, they are insufficient for either security, i.e., handling only specific leakage like query volume, or efficiency, i.e., incurring large storage and bandwidth overhead. We aim to fill this gap by advancing the understanding of LAAs from a fundamental algebraic perspective. Our investigation starts by revealing that the index matrices of a plaintext database and its encrypted image can be linked by linear transformation. The invariant characteristics preserved under the transformation encompass and surpass the information exploited by previous LAAs. They allow one to unambiguously link encrypted queries with corresponding keywords, even with only partial knowledge of the database. Accordingly, we devise a new powerful attack and conduct a series of experiments to show its effectiveness. In response, we propose a new security notion to thwart LAAs in general, inspired by the principle of local differential privacy (LDP). Under the notion, we further develop a practical countermeasure with tunable privacy and efficiency guarantee. Experiment results on representative real-world datasets show that our countermeasure can reduce the query recovery rate of LAAs, including our own.

computer science, theory & methods,engineering, electrical & electronic

Xianglong Zhang,Wei Wang,Peng Xu,Laurence T. Yang,Kaitai Liang

DOI: https://doi.org/10.48550/arXiv.2302.05628

2023-02-11

Cryptography and Security

Abstract:Searchable symmetric encryption enables private queries over an encrypted database, but it also yields information leakages. Adversaries can exploit these leakages to launch injection attacks (Zhang et al., USENIX'16) to recover the underlying keywords from queries. The performance of the existing injection attacks is strongly dependent on the amount of leaked information or injection. In this work, we propose two new injection attacks, namely BVA and BVMA, by leveraging a binary volumetric approach. We enable adversaries to inject fewer files than the existing volumetric attacks by using the known keywords and reveal the queries by observing the volume of the query results. Our attacks can thwart well-studied defenses (e.g., threshold countermeasure, static padding) without exploiting the distribution of target queries and client databases. We evaluate the proposed attacks empirically in real-world datasets with practical queries. The results show that our attacks can obtain a high recovery rate (>80%) in the best case and a roughly 60% recovery even under a large-scale dataset with a small number of injections (<20 files).

Leqian Zheng,Lei Xu,Cong Wang,Sheng Wang,Yuke Hu,Zhan Qin,Feifei Li,Kui Ren

2024-05-15

Abstract:Numerous studies have underscored the significant privacy risks associated with various leakage patterns in encrypted data stores. While many solutions have been proposed to mitigate these leakages, they either (1) incur substantial overheads, (2) focus on specific subsets of leakage patterns, or (3) apply the same security notion across various workloads, thereby impeding the attainment of fine-tuned privacy-efficiency trade-offs. In light of various detrimental leakage patterns, this paper starts with an investigation into which specific leakage patterns require our focus in the contexts of key-value, range-query, and dynamic workloads, respectively. Subsequently, we introduce new security notions tailored to the specific privacy requirements of these workloads. Accordingly, we propose and instantiate SWAT, an efficient construction that progressively enables these workloads, while provably mitigating system-wide leakage via a suite of algorithms with tunable privacy-efficiency trade-offs. We conducted extensive experiments and compiled a detailed result analysis, showing the efficiency of our solution. SWATis about an order of magnitude slower than an encryption-only data store that reveals various leakage patterns and is two orders of magnitude faster than a trivial zero-leakage solution. Meanwhile, the performance of SWATremains highly competitive compared to other designs that mitigate specific types of leakage.

Cryptography and Security

Viet Vo,Xingliang Yuan,Shi-Feng Sun,Joseph K. Liu,Surya Nepal,Cong Wang,Shifeng Sun

DOI: https://doi.org/10.1109/tkde.2021.3126607

IF: 9.235

2022-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Cloud storage systems have seen a growing number of clients due to the fact that more and more businesses and governments are shifting away from in-house data servers and seeking cost-effective and ease-of-access solutions. However, the security of cloud storage is underestimated in current practice, which resulted in many large-scale data breaches. To change the status quo, this paper presents the design of ShieldDB, an encrypted document database. ShieldDB adapts the searchable encryption technique to preserve the search functionality over encrypted documents without having much impact on its scalability. However, merely realising such a theoretical primitive suffers from real-world threats, where a knowledgeable adversary can exploit the leakage (aka access pattern to the database) to break the claimed protection on data confidentiality. To address this challenge in practical deployment, ShieldDB is designed with tailored padding countermeasures. Unlike prior works, we target a more realistic adversarial model, where the database gets updated continuously, and the adversary can monitor it at an (or multiple) arbitrary time interval(s). ShieldDB’s padding strategies ensure that the access pattern to the database is obfuscated all the time. We present a full-fledged implementation of ShieldDB and conduct intensive evaluations on Azure Cloud.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Yanping Li,Qiang Cao,Kai Zhang,Fang Ren

DOI: https://doi.org/10.1016/j.sysarc.2021.102006

IF: 5.836

2021-05-01

Journal of Systems Architecture

Abstract:<p>The keyword-based searchable encryption is a very promising technology in the cloud storage, which can supply data users with accurate search services over encrypted data based on queried keywords. An important security objective of this kind of schemes is to resist keyword privacy leakage because it may cause content leakage of to data itself and search preferences of data users. To protect keyword privacy, the existing methods mainly are implemented by keyword ciphertext indistinguishability and trapdoor indistinguishability. And there is few works to resist keyword privacy leakage from access pattern and search pattern simultaneously, which will inevitably affects the further application of this promising technology. In order to avoid keyword privacy leakage from above two patterns, we first construct a novel secure keyword index called the global index pair which is used to construct a k-nearest neighbour search, i.e., a data user can always receive the top-k encrypted files which are the most relevant to the search query. To effectively save computing costs and storage costs for DUs, a new order-preserving transformation is designed in our scheme to generate trapdoor without DUs computing the inverse of matrix. Secondly, our construction is independent of a specific searchable encryption scheme. Any kind of a keyword-based searchable encryption scheme can apply our method to resist the keyword privacy leakage both from access pattern and search pattern. Finally, the detailed security analyses are given to demonstrate that the advantage of any Level-3 attacker launching efficient inside attack from search pattern and access pattern is negligible, i.e., our construction can protect the keyword privacy against an inside attacker.</p>

computer science, software engineering, hardware & architecture

Jianting Ning,Jia Xu,Kaitai Liang,Fan Zhang,Ee-Chien Chang

DOI: https://doi.org/10.1109/tifs.2018.2866321

IF: 7.231

2019-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Searchable encryption (SE) provides a privacy-preserving mechanism for data users to search over encrypted data stored on a remote server. Researchers have designed a number of SE schemes with high efficiency yet allowing some degree of leakage profile to the remote server. The leakage, however, should be further measured to allow us to understand what types of attacks an SE scheme would encounter. This paper considers passive attacks that make inferences based on prior knowledge and observations on queries issued by users. This is in contrast to previously studied active attacks that adaptively inject files and queries. We consider several assumptions on the types or prior knowledge the attacker possessed and propose a few passive attacks. In particular, under the "full-fledged" assumption, the keyword recovery rate of our attack is optimal in the sense that it is equal to the theoretical upper bound. We further present several enhanced attacks under other weaker assumptions on various levels of the prior knowledge that the attacker can obtain, in which the keyword recovery rates are optimal or nearly optimal (i.e., approaching the theoretical upper bound). In addition, we provide extensive experiments to show the "power" of our passive attacks. This paper highlights the importance of minimizing the prior knowledge of a server and the leakage of search queries. It also shows that simply distorting the frequency of the keyword to hold against our passive attacks may not scale well.

Zhiqiang Yang,Sheng Zhong,Rebecca N. Wright

DOI: https://doi.org/10.1007/11863908_29

2006-01-01

Abstract:Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he only learns very little about the data stored in the database and the queries performed on the data.Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large-sized real data.

Chien-Ming Chen,Zhuoyu Tie,Eric Ke Wang,Muhammad Khurram Khan,Sachin Kumar,Saru Kumari

DOI: https://doi.org/10.1007/s12083-021-01132-3

2021-04-30

Abstract:Searchable encryption performs satisfactorily in protecting the privacy of outsourced data in cloud storage scenarios because it encrypts data and provides a secure way of searching on the ciphertext. Dynamic searchable encryption is designed to support the insertion and deletion of outsourced data. However, insertion may cause information leakage of updated keywords. Thus, forward privacy is proposed to limit the leakage of insertion, and it has become a vital security attribute for dynamic schemes. A verifiable dynamic encryption with ranked search (VDERS) scheme helps users to update outsourced data and verify the search result’s accuracy. However, as demonstrated in this study, a VDERS scheme proposed recently fails to satisfy forward privacy because there are two links between the previous search token and the added document. Thus, we designed an improved scheme VDERSc to achieve forward privacy. In our work, we cut off the two links by adding counters and an update buffer. Finally, experiment results showed that our improved scheme supports verification at a finer granularity, leading to a significant proof generation reduction.

computer science, information systems,telecommunications

Axin Wu,Fagen Li,Xiangjun Xin,Yinghui Zhang,Jianhao Zhu

DOI: https://doi.org/10.1016/j.sysarc.2024.103104

IF: 5.836

2024-03-08

Journal of Systems Architecture

Abstract:Cloud storage offers data users relief from cumbersome management tasks and enhances overall efficiency. However, while it brings convenience, there is also the risk of privacy breaches. To address this, public-key encryption with keyword search (PEKE) presents a solution that balances efficiency, convenience, and security in the context of cloud storage. Nevertheless, PEKS is vulnerable to inside keyword guessing attacks and algorithm substitution attacks, posing a serious threat to its deployment. Cryptographic reverse firewall technique randomizes incoming messages to effectively defend against both types of attacks mentioned earlier through a gateway. However, this approach requires the gateway to store a random number for each keyword, increasing storage costs and potentially exposing keyword information. In response, we propose an improved scheme that inherits the remarkable properties of the method based on cryptographic reverse firewall. Additionally, the proposed scheme eliminates the need for gateways to store random numbers, reducing the management and storage burdens and supports multiple keywords for one document, a feature more aligned with real-world applications. Furthermore, we prove the security of the scheme, which achieves the same security goals as the existing scheme. Finally, we analyze the scheme s efficiency through theoretical analysis and performance evaluation, which demonstrates its efficiency.

computer science, software engineering, hardware & architecture

Haibo Hu,Jianliang Xu,Xizhong Xu,Kexin Pei,Byron Choi,Shuigeng Zhou

DOI: https://doi.org/10.1109/icde.2014.6816687

2014-01-01

Abstract:Query processing that preserves both the query privacy at the client and the data privacy at the server is a new research problem. It has many practical applications, especially when the queries are about the sensitive attributes of records. However, most existing studies, including those originating from data outsourcing, address the data privacy and query privacy separately. Although secure multiparty computation (SMC) is a suitable computing paradigm for this problem, it has significant computation and communication overheads, thus unable to scale up to large datasets. Fortunately, recent advances in cryptography bring us two relevant tools - conditional oblivious transfer and homomorphic encryption. In this paper, we integrate database indexing techniques with these tools in the context of private search on key-value stores. We first present an oblivious index traversal framework, in which the server cannot trace the index traversal path of a query during evaluation. The framework is generic and can support a wide range of query types with a suitable homomorphic encryption algorithm in place. Based on this framework, we devise secure protocols for classic key search queries on B+-tree and R-tree indexes. Our approach is verified by both security analysis and performance study.

Chen,Xingjun Wang

DOI: https://doi.org/10.1109/icip51287.2024.10647833

2024-01-01

Abstract:Video encryption and hiding technology play a crucial role in preserving both information security and privacy. Data hiding in encrypted video allows for marking and tampering detection of the encrypted stream while ensuring the security of the video content. In this case, the extraction process of embedded bits can be performed without decryption, which is more efficient. Owing to the limited research conducted on versatile video coding (VVC), this paper presents a large-capacity data hiding scheme in encrypted video based on H.266/VVC codec. In the proposed scheme, AES-CTR is employed to generate a pseudorandom binary sequence (PRBS). Then the PRBS is used to encrypt the syntax elements before context-based adaptive binary arithmetic coding (CABAC), including luma intra prediction mode (IPM), quantized transform coefficient (QTC) sign, and motion vector difference (MVD) sign. Simultaneously, QTC amplitude is utilized for data embedding. Here, a piecewise embedding method (PEM) is designed to improve the embedding capacity. Since the syntax elements used for encryption and data hiding are independent, the decryption and extraction processes are fully commutable. Experimental results demonstrated outstanding performance of the proposed scheme in embedding capacity while preserving the integrity and authenticity of the original video content.

Simon Oya,Florian Kerschbaum

DOI: https://doi.org/10.48550/arXiv.2010.03465

2020-10-07

Cryptography and Security

Abstract:Recent Searchable Symmetric Encryption (SSE) schemes enable secure searching over an encrypted database stored in a server while limiting the information leaked to the server. These schemes focus on hiding the access pattern, which refers to the set of documents that match the client's queries. This provides protection against current attacks that largely depend on this leakage to succeed. However, most SSE constructions also leak whether or not two queries aim for the same keyword, also called the search pattern. In this work, we show that search pattern leakage can severely undermine current SSE defenses. We propose an attack that leverages both access and search pattern leakage, as well as some background and query distribution information, to recover the keywords of the queries performed by the client. Our attack follows a maximum likelihood estimation approach, and is easy to adapt against SSE defenses that obfuscate the access pattern. We empirically show that our attack is efficient, it outperforms other proposed attacks, and it completely thwarts two out of the three defenses we evaluate it against, even when these defenses are set to high privacy regimes. These findings highlight that hiding the search pattern, a feature that most constructions are lacking, is key towards providing practical privacy guarantees in SSE.