TY - GEN
T1 - SoK: A Systematic Study of Attacks in Efficient Encrypted Cloud Data Search
AU - Yao, Jing
AU - Zheng, Yifeng
AU - Guo, Yu
AU - Wang, Cong
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/10/6
Y1 - 2020/10/6
N2 - Searchable encryption allows one to search encrypted data hosted by an untrusted cloud. In terms of efficiency, symmetric key-based searchable encryption is promising for practical deployment and has been a rich area of research. In the literature, there are mainly two lines of research accordingly: searchable symmetric encryption (SSE) for encrypted matching queries and order-preserving or order-revealing encryption (OPE/ORE) for encrypted range queries. Despite the efficiency, these searchable encryption techniques all allow leakages in their security frameworks and have been shown to be vulnerable to various attacks in recent years. There has been little work regarding a comprehensive investigation on these attacks. In this paper, we provide a systematic survey on the recent advances on attacks in efficient encrypted cloud data search backed by SSE or OPE/ORE. Specifically, we first provide a categorization of the adversary model from diverse dimensions. Then we systematically examine the existing attacks against SSE and OPE/ORE under different adversary types and the leakages allowed in the security frameworks. The goal of this paper is to provide pointers for understanding the security of efficient searchable encryption techniques and to call for further motivated research activities.
AB - Searchable encryption allows one to search encrypted data hosted by an untrusted cloud. In terms of efficiency, symmetric key-based searchable encryption is promising for practical deployment and has been a rich area of research. In the literature, there are mainly two lines of research accordingly: searchable symmetric encryption (SSE) for encrypted matching queries and order-preserving or order-revealing encryption (OPE/ORE) for encrypted range queries. Despite the efficiency, these searchable encryption techniques all allow leakages in their security frameworks and have been shown to be vulnerable to various attacks in recent years. There has been little work regarding a comprehensive investigation on these attacks. In this paper, we provide a systematic survey on the recent advances on attacks in efficient encrypted cloud data search backed by SSE or OPE/ORE. Specifically, we first provide a categorization of the adversary model from diverse dimensions. Then we systematically examine the existing attacks against SSE and OPE/ORE under different adversary types and the leakages allowed in the security frameworks. The goal of this paper is to provide pointers for understanding the security of efficient searchable encryption techniques and to call for further motivated research activities.
KW - attacks
KW - cloud computing
KW - encrypted search
KW - order-preserving/revealing encryption
KW - searchable symmetric encryption
UR - http://www.scopus.com/inward/record.url?scp=85096009452&partnerID=8YFLogxK
U2 - 10.1145/3384942.3406869
DO - 10.1145/3384942.3406869
M3 - Conference article published in proceeding or book
AN - SCOPUS:85096009452
T3 - SBC 2020 - Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing, Co-located with AsiaCCS 2020
SP - 14
EP - 20
BT - SBC 2020 - Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing, Co-located with AsiaCCS 2020
PB - Association for Computing Machinery, Inc
T2 - 8th International Workshop on Security in Blockchain and Cloud Computing, SBC 2020, Co-located with AsiaCCS 2020
Y2 - 6 October 2020
ER -