SoK: A Systematic Study of Attacks in Efficient Encrypted Cloud Data Search

Searchable encryption allows one to search encrypted data hosted by an untrusted cloud. In terms of efficiency, symmetric key-based searchable encryption is promising for practical deployment and has been a rich area of research. In the literature, there are mainly two lines of research accordingly: searchable symmetric encryption (SSE) for encrypted matching queries and order-preserving or order-revealing encryption (OPE/ORE) for encrypted range queries. Despite the efficiency, these searchable encryption techniques all allow leakages in their security frameworks and have been shown to be vulnerable to various attacks in recent years. There has been little work regarding a comprehensive investigation on these attacks. In this paper, we provide a systematic survey on the recent advances on attacks in efficient encrypted cloud data search backed by SSE or OPE/ORE. Specifically, we first provide a categorization of the adversary model from diverse dimensions. Then we systematically examine the existing attacks against SSE and OPE/ORE under different adversary types and the leakages allowed in the security frameworks. The goal of this paper is to provide pointers for understanding the security of efficient searchable encryption techniques and to call for further motivated research activities.