Attacks on Searchable Symmetric Encryption Systems

Abstract

The amount of data individuals create keeps increasing every year to the point that the data cannot be stored on a single device anymore. Cloud storage provides a solution for this problem, but not everybody wants the cloud storage service providers to peek at their data and they thus encrypt their data before storing it on the service provider's servers. Unfortunately, due to the way encryption works, the users are not able to perform simple actions on their data, like for example keyword search. However with Searchable Symmetric Encryption (SSE) the users can still perform keyword search on their data when their data is encrypted. With the use of SSE, there is some information that is being exposed about the data that is being stored on the system, called leakage. This leakage can be used by attackers in an attack to perform query recovery.

Currently existing attacks are mostly known-data attacks which assume that the attacker already has access to a large part of the plaintexts stored on the system. However this is very unlikely in real-world scenarios. A few papers focus on similar-data attacks which have a slightly different assumption. With similar-data attacks, the assumption is that the attacker has a similar document set to the document set stored on the SSE system. These attacks are therefore more realistic than known-data attacks, but the best similar-data attack still has some flaws.

Therefore, in this thesis, we propose a new attack that is based on an already existing similar-data query recovery attack. This new attack is a combination of a file injection attack and a similar-data attack. This new attack achieves a higher accuracy than the best similar-data and known-data attacks, while injecting only a few files into the SSE system. To the best of our knowledge this is the first similar-data attack with a file injection component. The new attack is also more resilient to countermeasures such as padding and obfuscation.