STUDY SPACE
SWiSSSE: System-Wide Security for Searchable Symmetric Encryption

SWiSSSE: System-Wide Security for Searchable Symmetric Encryption

2024 | Zichen Gui, Kenneth G. Paterson, Sikhar Patranabhis, Bogdan Warinschi
This paper introduces SWiSSSE, a novel approach to searchable symmetric encryption (SSE) that addresses system-wide leakage, a critical privacy concern in end-to-end SSE systems. The authors propose a comprehensive security model and definition for SSE, considering leakage from both the encrypted index and the encrypted database documents. They demonstrate that existing SSE schemes are vulnerable to system-wide leakage attacks, which can be exploited to break query privacy guarantees. To mitigate these attacks, SWiSSSE employs two key techniques: keyword frequency bucketization and delayed, pseudorandom write-backs. Bucketization pads keywords to equalize their frequency within buckets, reducing volume leakage. Write-backs update encrypted data pseudorandomly after each query, disrupting access patterns and preventing correlation between search operations. The proposed scheme is proven secure under the new system-wide security definition and shows strong resistance to leakage-abuse attacks with moderate overheads. Experimental results show that SWiSSSE scales well to large databases and provides efficient search performance, making it a practical solution for end-to-end SSE systems.This paper introduces SWiSSSE, a novel approach to searchable symmetric encryption (SSE) that addresses system-wide leakage, a critical privacy concern in end-to-end SSE systems. The authors propose a comprehensive security model and definition for SSE, considering leakage from both the encrypted index and the encrypted database documents. They demonstrate that existing SSE schemes are vulnerable to system-wide leakage attacks, which can be exploited to break query privacy guarantees. To mitigate these attacks, SWiSSSE employs two key techniques: keyword frequency bucketization and delayed, pseudorandom write-backs. Bucketization pads keywords to equalize their frequency within buckets, reducing volume leakage. Write-backs update encrypted data pseudorandomly after each query, disrupting access patterns and preventing correlation between search operations. The proposed scheme is proven secure under the new system-wide security definition and shows strong resistance to leakage-abuse attacks with moderate overheads. Experimental results show that SWiSSSE scales well to large databases and provides efficient search performance, making it a practical solution for end-to-end SSE systems.
Terms of Service
Privacy Policy
Reach us at info@study.space
Understanding SWiSSSE%3A System-Wide Security for Searchable Symmetric Encryption