Peekaboo, I See Your Queries

Passive Attacks Against DSSE Via Intermittent Observations

Conference Paper (2025)
Author(s)

Hao Nie (Huazhong University of Science and Technology)

Wei Wang (Huazhong University of Science and Technology)

Peng Xu (Huazhong University of Science and Technology)

Wei Chen (Huazhong University of Science and Technology)

Laurence T. Yang (St. Francis Xavier University)

Mauro Conti (Örebro University, Università degli Studi di Padova)

Kaitai Liang (TU Delft - Cyber Security, University of Turku)

DOI related publication
https://doi.org/10.1145/3719027.3765075 Final published version
More Info
expand_more
Publication Year
2025
Language
English
Bibliographical Note
Green Open Access added to TU Delft Institutional Repository as part of the Taverne amendment. More information about this copyright law amendment can be found at https://www.openaccess.nl. Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Pages (from-to)
2429-2443
Publisher
ACM
ISBN (electronic)
9798400715259
Event
Downloads counter
73
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Dynamic Searchable Symmetric Encryption (DSSE) allows secure searches over a dynamic encrypted database but suffers from inherent information leakage. Existing passive attacks against DSSE rely on persistent leakage monitoring to infer leakage patterns, whereas this work targets intermittent observation - a more practical threat model. We propose Peekaboo - a new universal attack framework - and the core design relies on inferring the search pattern and further combining it with auxiliary knowledge and other leakage. We instantiate Peekaboo over the SOTA attacks, Sap (USENIX' 21) and Jigsaw (USENIX' 24), to derive their “+” variants (Sap+ and Jigsaw+). Extensive experiments demonstrate that our design achieves >0.9 adjusted rand index for search pattern recovery and ~90% query accuracy vs. FMA's ~30% (CCS' 23). Peekaboo's accuracy scales with observation rounds and the number of observed queries but also it resists SOTA countermeasures, with >40% accuracy against file size padding and >80% against obfuscation.

Files

3719027.3765075.pdf
(pdf | 7.13 Mb)
License info not available
warning

File under embargo until 22-05-2026