Leakage-Abuse Attacks against Order-Revealing Encryption

Grubbs, Paul; Sekniqi, Kevin; Bindschaedler, Vincent; Naveed, Muhammad; Ristenpart, Thomas

doi:10.1109/sp.2017.44

Cited by 150 publications

(119 citation statements)

References 22 publications

Supporting

Mentioning

119

Contrasting

Order By: Relevance

“…However, all the above algorithms only can process the data in an unencrypted form. Furthermore, these algorithms involve range queries which has multiple dedicated attacks for its encrypted version [17], [18] recently.…”

Section: Related Workmentioning

confidence: 99%

“…However, the above solution still has two security issues. First, sorting reveals the order of data points, while some recent works [17], [18] demonstrated that it is possible to precisely reconstruct the underling values (i.e., distances) if an adversary knows the rank and some auxiliary information. Furthermore, different kNN lists may include the same data point, which means that the adversary can compare the identities/distance shares in different kNN lists to learn extra information about common neighbours for different data points.…”

Section: A Cryptographic Modulesmentioning

confidence: 99%

See 1 more Smart Citation

Enabling Efficient Privacy-Assured Outlier Detection Over Encrypted Incremental Data Sets

Lai

Yuan

Sakzad

et al. 2020

IEEE Internet Things J.

View full text Add to dashboard Cite

Outlier detection is widely used in practice to track the anomaly on incremental datasets such as network traffic and system logs. However, these datasets often involve sensitive information, and sharing the data to third parties for anomaly detection raises privacy concerns. In this paper, we present a privacy-preserving outlier detection protocol (PPOD) for incremental datasets. The protocol decomposes the outlier detection algorithm into several phases and recognises the necessary cryptographic operations in each phase. It realises several cryptographic modules via efficient and interchangeable protocols to support the above cryptographic operations and composes them in the overall protocol to enable outlier detection over encrypted datasets. To support efficient updates, it integrates the sliding window model to periodically evict the expired data in order to maintain a constant update time. We build a prototype of PPOD and systematically evaluates the cryptographic modules and the overall protocols under various parameter settings. Our results show that PPOD can handle encrypted incremental datasets with a moderate computation and communication cost.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: A Cryptographic Modulesmentioning

confidence: 99%

Enabling Efficient Privacy-Assured Outlier Detection Over Encrypted Incremental Data Sets

Lai

Yuan

Sakzad

et al. 2020

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…These attacks usually use the order and frequency of plaintexts and auxiliary information such as plaintext distribution. Durak et al [7] and Grubbs et al [11] proposed improved inference attacks of Naveed et al in several ways and additionally presented leakage-abuse attacks against ORE schemes with the specified leakage. Both attacks showed that the leakage of ORE can be effectively used to recover more accurate plaintexts than that was theoretically analyzed.…”

Section: Related Workmentioning

confidence: 99%

Multi-Client Order-Revealing Encryption

Eom

Lee

2018

IEEE Access

View full text Add to dashboard Cite

Order-revealing encryption is a useful cryptographic primitive that provides range queries on encrypted data since anyone can compare the order of plaintexts by running a public comparison algorithm. Most studies on order-revealing encryption focus only on comparing ciphertexts generated by a single client, and there is no study on comparing ciphertexts generated by multiple clients. In this paper, we propose the concept of multi-client order-revealing encryption that supports comparisons not only on ciphertexts generated by one client but also on ciphertexts generated by multiple clients. We also define a simulation-based security model for multi-client order-revealing encryption. The security model is defined with respect to the leakage function which quantifies how much information is leaked from the scheme. Next, we present two specific multi-client order-revealing encryption schemes with different leakage functions in bilinear maps and prove their security in the random oracle model. Finally, we give the implementation of the proposed schemes and suggest methods to improve the performance of ciphertext comparisons.

show abstract

“…• Grubbs et al [28] infer the plaintexts of the attributes of customer records (e.g., first name, last name, ZIP codes, birth dates, etc.) stored in an encrypted database.…”

Section: Auxiliary Informationmentioning

confidence: 99%

“…Pouliot et al [52] present the graph matching attacks on searchable encryption. Grubbs et al [28] build attacks on order-preserving encryption based on the frequency and ordering information.…”

Section: Related Workmentioning

confidence: 99%

Information Leakage in Encrypted Deduplication via Frequency Analysis

Qin

Lee

et al. 2017

2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

View full text Add to dashboard Cite

Encrypted deduplication combines encryption and deduplication to simultaneously achieve both data security and storage efficiency. State-of-the-art encrypted deduplication systems mainly build on deterministic encryption to preserve deduplication effectiveness. However, such deterministic encryption reveals the underlying frequency distribution of the original plaintext chunks. This allows an adversary to launch frequency analysis against the ciphertext chunks and infer the content of the original plaintext chunks. In this paper, we study how frequency analysis affects information leakage in encrypted deduplication, from both attack and defense perspectives. Specifically, we target backup workloads, and propose a new inference attack that exploits chunk locality to increase the coverage of inferred chunks. We further combine the new inference attack with the knowledge of chunk sizes and show its attack effectiveness against variable-size chunks. We conduct trace-driven evaluation on both real-world and synthetic datasets and show that our proposed attacks infer a significant fraction of plaintext chunks under backup workloads. To defend against frequency analysis, we present two defense approaches, namely MinHash encryption and scrambling. Our trace-driven evaluation shows that our combined MinHash encryption and scrambling scheme effectively mitigates the severity of the inference attacks, while maintaining high storage efficiency and incurring limited metadata access overhead.

show abstract

Leakage-Abuse Attacks against Order-Revealing Encryption

Cited by 150 publications

References 22 publications

Enabling Efficient Privacy-Assured Outlier Detection Over Encrypted Incremental Data Sets

Enabling Efficient Privacy-Assured Outlier Detection Over Encrypted Incremental Data Sets

Multi-Client Order-Revealing Encryption

Information Leakage in Encrypted Deduplication via Frequency Analysis

Contact Info

Product

Resources

About