Breaking Web Applications Built On Top of Encrypted Data
Title | Breaking Web Applications Built On Top of Encrypted Data |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Grubbs, Paul; McPherson, Richard; Naveed, Muhammad; Ristenpart, Thomas; Shmatikov, Vitaly |
Conference Name | Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4139-4 |
Keywords | application security, composability, control theory, decomposition, encryption audits, leakage, Metrics, provable security, pubcrawl, Searchable encryption, security, Security Audits |
Abstract | We develop a systematic approach for analyzing client-server applications that aim to hide sensitive user data from untrusted servers. We then apply it to Mylar, a framework that uses multi-key searchable encryption (MKSE) to build Web applications on top of encrypted data. We demonstrate that (1) the Popa-Zeldovich model for MKSE does not imply security against either passive or active attacks; (2) Mylar-based Web applications reveal users' data and queries to passive and active adversarial servers; and (3) Mylar is generically insecure against active attacks due to system design flaws. Our results show that the problem of securing client-server applications against actively malicious servers is challenging and still unsolved. We conclude with general lessons for the designers of systems that rely on property-preserving or searchable encryption to protect data from untrusted servers. |
URL | http://doi.acm.org/10.1145/2976749.2978351 |
DOI | 10.1145/2976749.2978351 |
Citation Key | grubbs_breaking_2016 |