S. Kamara, Abdelkarim Kati, Tarik Moataz, Jamie DeMaria, Andrew Park, Amos Treiber
{"title":"MAPLE:对加密搜索的马尔科夫进程泄漏攻击","authors":"S. Kamara, Abdelkarim Kati, Tarik Moataz, Jamie DeMaria, Andrew Park, Amos Treiber","doi":"10.56553/popets-2024-0025","DOIUrl":null,"url":null,"abstract":"Encrypted search algorithms (ESAs) enable private search on encrypted data and can be constructed from a variety of cryptographic primitives. All knownsub-linear ESA algorithms leak information and, therefore, the design of leakage attacks is an important way to ascertain whether a given leakage profile is exploitable in practice. Recently,Oya and Kerschbaum(Usenix '22) presented an attack called IHOP that targets the query equality pattern which reveals if and when two queries are for the same keyword of a sequence of dependent queries. In this work, we continue the study of query equality leakage on dependent queries and present two new attacks in this setting which can work either as known-distribution or known-sample attacks. They model query distributions as Markov processes and leverage insights and techniques from stochastic processes and machine learning. We implement our attacks and evaluate them on real-world query logs. Our experiments show that they outperform the state-of-the-art in most settings but also have limitations inpractical settings.","PeriodicalId":13158,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"19 23","pages":"810"},"PeriodicalIF":0.0000,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"MAPLE: MArkov Process Leakage attacks on Encrypted Search\",\"authors\":\"S. Kamara, Abdelkarim Kati, Tarik Moataz, Jamie DeMaria, Andrew Park, Amos Treiber\",\"doi\":\"10.56553/popets-2024-0025\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Encrypted search algorithms (ESAs) enable private search on encrypted data and can be constructed from a variety of cryptographic primitives. All knownsub-linear ESA algorithms leak information and, therefore, the design of leakage attacks is an important way to ascertain whether a given leakage profile is exploitable in practice. Recently,Oya and Kerschbaum(Usenix '22) presented an attack called IHOP that targets the query equality pattern which reveals if and when two queries are for the same keyword of a sequence of dependent queries. In this work, we continue the study of query equality leakage on dependent queries and present two new attacks in this setting which can work either as known-distribution or known-sample attacks. They model query distributions as Markov processes and leverage insights and techniques from stochastic processes and machine learning. We implement our attacks and evaluate them on real-world query logs. Our experiments show that they outperform the state-of-the-art in most settings but also have limitations inpractical settings.\",\"PeriodicalId\":13158,\"journal\":{\"name\":\"IACR Cryptol. ePrint Arch.\",\"volume\":\"19 23\",\"pages\":\"810\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IACR Cryptol. ePrint Arch.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.56553/popets-2024-0025\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IACR Cryptol. ePrint Arch.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.56553/popets-2024-0025","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
加密搜索算法(ESAs)可以对加密数据进行私密搜索,并可由多种加密原语构建而成。所有已知的次线性 ESA 算法都会泄漏信息,因此,设计泄漏攻击是确定给定泄漏特征在实践中是否可被利用的重要方法。最近,Oya 和 Kerschbaum(Usenix '22)提出了一种名为 IHOP 的攻击,其目标是查询相等模式,该模式可以揭示两个查询是否以及何时是针对一连串依赖查询中的相同关键字。在这项工作中,我们将继续研究依赖查询的查询相等泄漏问题,并在此环境中提出两种新的攻击,它们既可以作为已知分布攻击,也可以作为已知样本攻击。它们将查询分布建模为马尔可夫过程,并利用了随机过程和机器学习的见解和技术。我们在真实世界的查询日志上实现了我们的攻击并对其进行了评估。实验表明,它们在大多数情况下都优于最先进的技术,但在实际应用中也有局限性。
MAPLE: MArkov Process Leakage attacks on Encrypted Search
Encrypted search algorithms (ESAs) enable private search on encrypted data and can be constructed from a variety of cryptographic primitives. All knownsub-linear ESA algorithms leak information and, therefore, the design of leakage attacks is an important way to ascertain whether a given leakage profile is exploitable in practice. Recently,Oya and Kerschbaum(Usenix '22) presented an attack called IHOP that targets the query equality pattern which reveals if and when two queries are for the same keyword of a sequence of dependent queries. In this work, we continue the study of query equality leakage on dependent queries and present two new attacks in this setting which can work either as known-distribution or known-sample attacks. They model query distributions as Markov processes and leverage insights and techniques from stochastic processes and machine learning. We implement our attacks and evaluate them on real-world query logs. Our experiments show that they outperform the state-of-the-art in most settings but also have limitations inpractical settings.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
