Go to ACISP 2017 homepageSecure and Practical Searchable Encryption: A Position Paper
Abstract: Searchable Encryption (SE) makes it possible for users to outsource an encrypted database and search operations to cloud service providers without leaking the content of data or queries to them. A number of SE schemes have been proposed in the literature; however, most of them leak a significant amount of information that could lead to inference attacks. To minimise information leakage, there are a number of solutions, such as Oblivious Random Access Memory (ORAM) and Private Information Retrieval (PIR). Unfortunately, existing solutions are prohibitively costly and impractical. A practical scheme should support not only a lightweight user client but also a flexible key management mechanism for multi-user access. In this position paper, we briefly analyse several leakage-based attacks, and identify a set of requirements for a searchable encryption system for cloud database storage to be secure against these attacks while ensuring usability of the system. We also discuss several possible solutions to fulfil the identified requirements.
0 Replies
Loading