SWiSSSE: System-Wide Security for Searchable Symmetric Encryption
This paper introduces a new approach to designing and analyzing searchable symmetric encryption (SSE) schemes, focusing on system-wide security. The authors propose a comprehensive security model that accounts for leakage from the entire SSE system, including access to encrypted indices and documents. They present a static SSE construction that meets this new security notion, using techniques like bucketization to hide query response volumes and delayed, pseudorandom write-backs to disrupt access patterns. Their implementation shows strong security against system-wide leakage attacks with moderate overhead, supporting large databases and efficient searches.
The paper highlights the importance of addressing system-wide leakage in SSE, which can be exploited to break privacy guarantees. Existing SSE schemes often focus only on the encrypted search index, neglecting leakage from document retrieval. The authors demonstrate that known leakage mitigation techniques cannot efficiently scale to entire encrypted databases. They propose SWiSSSE, a new static SSE scheme that supports efficient keyword searches over large document collections. SWiSSSE uses keyword frequency bucketization and delayed, pseudorandom write-backs to prevent leakage and ensure security.
The authors also show that SWiSSSE is secure against system-wide leakage-abuse attacks, including those proposed in [54]. They evaluate the performance of SWiSSSE, showing it can handle large databases with efficient search and storage. The scheme is implemented in Java using Redis as the underlying database. The authors also discuss ethical considerations regarding the use of the Enron email corpus for experiments.
SWiSSSE is designed to be secure against system-wide leakage attacks, with a focus on both index and document retrieval. The scheme uses a system-wide security definition that considers leakage during setup and searches. The authors compare SWiSSSE with other SSE schemes and techniques, showing its advantages in terms of security and efficiency. They also discuss related work, including ORAM and PIR-based approaches, and show that SWiSSSE offers better performance and security.
The paper concludes that SWiSSSE provides a practical and efficient solution for system-wide secure SSE, addressing the limitations of existing schemes and offering strong security against leakage-based attacks. The authors also discuss the extension of their approach to dynamic databases and the importance of system-wide security in SSE.SWiSSSE: System-Wide Security for Searchable Symmetric Encryption
This paper introduces a new approach to designing and analyzing searchable symmetric encryption (SSE) schemes, focusing on system-wide security. The authors propose a comprehensive security model that accounts for leakage from the entire SSE system, including access to encrypted indices and documents. They present a static SSE construction that meets this new security notion, using techniques like bucketization to hide query response volumes and delayed, pseudorandom write-backs to disrupt access patterns. Their implementation shows strong security against system-wide leakage attacks with moderate overhead, supporting large databases and efficient searches.
The paper highlights the importance of addressing system-wide leakage in SSE, which can be exploited to break privacy guarantees. Existing SSE schemes often focus only on the encrypted search index, neglecting leakage from document retrieval. The authors demonstrate that known leakage mitigation techniques cannot efficiently scale to entire encrypted databases. They propose SWiSSSE, a new static SSE scheme that supports efficient keyword searches over large document collections. SWiSSSE uses keyword frequency bucketization and delayed, pseudorandom write-backs to prevent leakage and ensure security.
The authors also show that SWiSSSE is secure against system-wide leakage-abuse attacks, including those proposed in [54]. They evaluate the performance of SWiSSSE, showing it can handle large databases with efficient search and storage. The scheme is implemented in Java using Redis as the underlying database. The authors also discuss ethical considerations regarding the use of the Enron email corpus for experiments.
SWiSSSE is designed to be secure against system-wide leakage attacks, with a focus on both index and document retrieval. The scheme uses a system-wide security definition that considers leakage during setup and searches. The authors compare SWiSSSE with other SSE schemes and techniques, showing its advantages in terms of security and efficiency. They also discuss related work, including ORAM and PIR-based approaches, and show that SWiSSSE offers better performance and security.
The paper concludes that SWiSSSE provides a practical and efficient solution for system-wide secure SSE, addressing the limitations of existing schemes and offering strong security against leakage-based attacks. The authors also discuss the extension of their approach to dynamic databases and the importance of system-wide security in SSE.