Visible to the public Revisiting Security Risks of Asymmetric Scalar Product Preserving Encryption and Its Variants

TitleRevisiting Security Risks of Asymmetric Scalar Product Preserving Encryption and Its Variants
Publication TypeConference Paper
Year of Publication2017
AuthorsLin, W., Wang, K., Zhang, Z., Chen, H.
Conference Name2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)
KeywordsASPE, Asymmetric Encryption, asymmetric scalar-product-preserving encryption, ciphertexts, cloud computing, compositionality, confidential information, cryptography, Encryption, Human Behavior, Indexes, Internet, Mathematical model, Metrics, outsourcing, product preservation property, pubcrawl, query answering, resilience, Resiliency, scalar product preserving encryption, security risks, Servers
Abstract

Cloud computing has emerged as a compelling vision for managing data and delivering query answering capability over the internet. This new way of computing also poses a real risk of disclosing confidential information to the cloud. Searchable encryption addresses this issue by allowing the cloud to compute the answer to a query based on the cipher texts of data and queries. Thanks to its inner product preservation property, the asymmetric scalar-product-preserving encryption (ASPE) has been adopted and enhanced in a growing number of works toperform a variety of queries and tasks in the cloud computingsetting. However, the security property of ASPE and its enhancedschemes has not been studied carefully. In this paper, we show acomplete disclosure of ASPE and several previously unknownsecurity risks of its enhanced schemes. Meanwhile, efficientalgorithms are proposed to learn the plaintext of data and queriesencrypted by these schemes with little or no knowledge beyondthe ciphertexts. We demonstrate these risks on real data sets.

URLhttps://ieeexplore.ieee.org/document/7980052/
DOI10.1109/ICDCS.2017.20
Citation Keylin_revisiting_2017