Visible to the public The Strength of Weak Randomization: Easily Deployable, Efficiently Searchable Encryption with Minimal Leakage

TitleThe Strength of Weak Randomization: Easily Deployable, Efficiently Searchable Encryption with Minimal Leakage
Publication TypeConference Paper
Year of Publication2019
AuthorsPouliot, David, Griffy, Scott, Wright, Charles V.
Conference Name2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Date Publishedjun
Keywordscloud computing, composability, computer security, cryptography, data privacy, deployable database encryption scheme, document handling, document management systems, encrypted data, Encryption, Entropy, Human Behavior, inference attacks, legacy service, Metrics, outsourcing, probability, pubcrawl, relational database engine, relational database security, relational databases, resilience, Resiliency, searchable database encryption scheme, Searchable encryption, Servers, Standards, untrusted service, weak randomization
Abstract

Efficiently searchable and easily deployable encryption schemes enable an untrusted, legacy service such as a relational database engine to perform searches over encrypted data. The ease with which such schemes can be deployed on top of existing services makes them especially appealing in operational environments where encryption is needed but it is not feasible to replace large infrastructure components like databases or document management systems. Unfortunately all previously known approaches for efficiently searchable and easily deployable encryption are vulnerable to inference attacks where an adversary can use knowledge of the distribution of the data to recover the plaintext with high probability. We present a new efficiently searchable, easily deployable database encryption scheme that is provably secure against inference attacks even when used with real, low-entropy data. We implemented our constructions in Haskell and tested databases up to 10 million records showing our construction properly balances security, deployability and performance.

DOI10.1109/DSN.2019.00059
Citation Keypouliot_strength_2019