The Power of Bamboo

None, None; None, None; None, None; None, None; None, None; None, None; None, None

The Power of Bamboo

On the Post-Compromise Security for Searchable Symmetric Encryption

Conference Paper (2023)

Author(s)

Tianyang Chen (Huazhong University of Science and Technology, National Engineering Research Center for Big Data Technology and System)

Peng Xu (Huazhong University of Science and Technology, National Engineering Research Center for Big Data Technology and System)

Stjepan Picek (TU Delft - Cyber Security, Radboud Universiteit Nijmegen)

Bo Luo (The University of Kansas)

Willy Susilo (University of Wollongong)

Hai Jin (National Engineering Research Center for Big Data Technology and System, Huazhong University of Science and Technology)

Kaitai Liang (TU Delft - Cyber Security)

DOI related publication

https://doi.org/10.14722/ndss.2023.24725 Final published version

To reference this document use

https://resolver.tudelft.nl/uuid:dc2f6c3d-3a35-4d1d-9a24-5e44f47592c5

More Info

expand_more

Publication Year

2023

Language

English

Bibliographical Note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Publisher

The Internet Society

ISBN (electronic)

['1891562835', '9781891562839']

Event

Downloads counter

270

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated encrypted databases to an honest-but-curious server without losing keyword privacy. This paper studies a new and practical security risk to DSSE, namely, secret key compromise (e.g., a user’s secret key is leaked or stolen), which threatens all the security guarantees offered by existing DSSE schemes. To address this open problem, we introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates. We further define the notion of post-compromise secure with respect to leakage functions to study whether DSSE schemes can still provide data security after the client’s secret key is compromised. We demonstrate that post-compromise security is achievable with a proposed protocol called “Bamboo”. Interestingly, the leakage functions of Bamboo satisfy the requirements for both forward and backward security. We conduct a performance evaluation of Bamboo using a real-world dataset and compare its runtime efficiency with the existing forward-and-backward secure DSSE schemes. The result shows that Bamboo provides strong security with better or comparable performance.

Files

Ndss2023_f725_paper-1.pdf

(pdf | 0.893 Mb)

- Embargo expired in 10-02-2025

License info not available