Visible to the public Practical and Secure Dynamic Searchable Encryption via Oblivious Access on Distributed Data Structure

TitlePractical and Secure Dynamic Searchable Encryption via Oblivious Access on Distributed Data Structure
Publication TypeConference Paper
Year of Publication2016
AuthorsHoang, Thang, Yavuz, Attila Altay, Guajardo, Jorge
Conference NameProceedings of the 32Nd Annual Conference on Computer Security Applications
Date PublishedDecember 2016
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4771-6
Keywordscomposability, i-o systems security, i/o systems security, io systems security, oblivious data structure, ORAM, privacy enhancing technology, privacy in cloud computing, pubcrawl, Resiliency, Searchable encryption
Abstract

Dynamic Searchable Symmetric Encryption (DSSE) allows a client to perform keyword searches over encrypted files via an encrypted data structure. Despite its merits, DSSE leaks search and update patterns when the client accesses the encrypted data structure. These leakages may create severe privacy problems as already shown, for example, in recent statistical attacks on DSSE. While Oblivious Random Access Memory (ORAM) can hide such access patterns, it incurs significant communication overhead and, therefore, it is not yet fully practical for cloud computing systems. Hence, there is a critical need to develop private access schemes over the encrypted data structure that can seal the leakages of DSSE while achieving practical search/update operations. In this paper, we propose a new oblivious access scheme over the encrypted data structure for searchable encryption purposes, that we call textlessutextgreaterDtextless/utextgreateristributed textlessutextgreaterOtextless/utextgreaterblivious textlessutextgreaterDtextless/utextgreaterata structure textlessutextgreaterDSSEtextless/utextgreater (DOD-DSSE). The main idea is to create a distributed encrypted incidence matrix on two non-colluding servers such that no arbitrary queries on these servers can be linked to each other. This strategy prevents not only recent statistical attacks on the encrypted data structure but also other potential threats exploiting query linkability. Our security analysis proves that DOD-DSSE ensures the unlink-ability of queries and, therefore, offers much higher security than traditional DSSE. At the same time, our performance evaluation demonstrates that DOD-DSSE is two orders of magnitude faster than ORAM-based techniques (e.g., Path ORAM), since it only incurs a small-constant number of communication overhead. That is, we deployed DOD-DSSE on geographically distributed Amazon EC2 servers, and showed that, a search/update operation on a very large dataset only takes around one second with DOD-DSSE, while it takes 3 to 13 minutes with Path ORAM-based methods.

URLhttps://dl.acm.org/doi/10.1145/2991079.2991088
DOI10.1145/2991079.2991088
Citation Keyhoang_practical_2016