Accelerating forward and backward private searchable encryption using trusted execution

Viet Vo; Shangqi Lai; Xingliang Yuan; Shi-Feng Sun; Surya Nepal; Joseph K. Liu

doi:10.1007/978-3-030-57878-7_5

Accelerating forward and backward private searchable encryption using trusted execution

Viet Vo, Shangqi Lai, Xingliang Yuan, Shi-Feng Sun, Surya Nepal, Joseph K. Liu

Department of Software Systems & Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

12 Citations (Scopus)

Abstract

Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to enrich the functions of encrypted databases. Recent attacks exploiting the leakage in dynamic operations drive the rapid development of SE schemes revealing less information while performing updates; they are also known as forward and backward private SE. Newly added data is no longer linkable to queries issued before, and deleted data is no longer searchable in queries issued later. However, those advanced SE schemes reduce the efficiency of SE, especially in the communication cost between the client and server. In this paper, we resort to the hardware-assisted solution, aka Intel SGX, to ease the above bottleneck. Our key idea is to leverage SGX to take over most tasks of the client, i.e., tracking keyword states along with data addition and caching deleted data. However, handling large datasets is non-trivial due to the I/O and memory constraints of SGX. We further develop batch data processing and state compression techniques to reduce the communication overhead between the SGX and untrusted server and minimise the memory footprint within the enclave. We conduct a comprehensive set of evaluations on both synthetic and real-world datasets, which confirm that our designs outperform the prior art.

Original language	English
Title of host publication	Applied Cryptography and Network Security
Subtitle of host publication	18th International Conference, ACNS 2020 Rome, Italy, October 19–22, 2020 Proceedings, Part II
Editors	Mauro Conti, Jianying Zhou, Emiliano Casalicchio, Angelo Spognardi
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	83-103
Number of pages	21
ISBN (Electronic)	9783030578787
ISBN (Print)	9783030578770
DOIs	https://doi.org/10.1007/978-3-030-57878-7_5
Publication status	Published - 2020
Event	International Conference on Applied Cryptography and Network Security 2020 - Rome, Italy Duration: 19 Oct 2020 → 22 Oct 2020 Conference number: 18th https://link.springer.com/chapter/10.1007%2F978-3-030-57878-7_5 (Proceedings) https://sites.google.com/di.uniroma1.it/ACNS2020 (Website)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	12147
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Conference on Applied Cryptography and Network Security 2020
Abbreviated title	ACNS 2020
Country/Territory	Italy
City	Rome
Period	19/10/20 → 22/10/20
Internet address	https://link.springer.com/chapter/10.1007%2F978-3-030-57878-7_5 (Proceedings) https://sites.google.com/di.uniroma1.it/ACNS2020 (Website)

Access to Document

10.1007/978-3-030-57878-7_5

Cite this

Vo, V., Lai, S., Yuan, X., Sun, S-F., Nepal, S., & Liu, J. K. (2020). Accelerating forward and backward private searchable encryption using trusted execution. In M. Conti, J. Zhou, E. Casalicchio, & A. Spognardi (Eds.), Applied Cryptography and Network Security : 18th International Conference, ACNS 2020 Rome, Italy, October 19–22, 2020 Proceedings, Part II (pp. 83-103). (Lecture Notes in Computer Science ; Vol. 12147 ). Springer. https://doi.org/10.1007/978-3-030-57878-7_5

Vo, Viet ; Lai, Shangqi ; Yuan, Xingliang et al. / Accelerating forward and backward private searchable encryption using trusted execution. Applied Cryptography and Network Security : 18th International Conference, ACNS 2020 Rome, Italy, October 19–22, 2020 Proceedings, Part II. editor / Mauro Conti ; Jianying Zhou ; Emiliano Casalicchio ; Angelo Spognardi. Cham Switzerland : Springer, 2020. pp. 83-103 (Lecture Notes in Computer Science ).

@inproceedings{d91f860abbb34b66bc39d07faaca740f,

title = "Accelerating forward and backward private searchable encryption using trusted execution",

abstract = "Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to enrich the functions of encrypted databases. Recent attacks exploiting the leakage in dynamic operations drive the rapid development of SE schemes revealing less information while performing updates; they are also known as forward and backward private SE. Newly added data is no longer linkable to queries issued before, and deleted data is no longer searchable in queries issued later. However, those advanced SE schemes reduce the efficiency of SE, especially in the communication cost between the client and server. In this paper, we resort to the hardware-assisted solution, aka Intel SGX, to ease the above bottleneck. Our key idea is to leverage SGX to take over most tasks of the client, i.e., tracking keyword states along with data addition and caching deleted data. However, handling large datasets is non-trivial due to the I/O and memory constraints of SGX. We further develop batch data processing and state compression techniques to reduce the communication overhead between the SGX and untrusted server and minimise the memory footprint within the enclave. We conduct a comprehensive set of evaluations on both synthetic and real-world datasets, which confirm that our designs outperform the prior art.",

author = "Viet Vo and Shangqi Lai and Xingliang Yuan and Shi-Feng Sun and Surya Nepal and Liu, {Joseph K.}",

year = "2020",

doi = "10.1007/978-3-030-57878-7_5",

language = "English",

isbn = "9783030578770",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "83--103",

editor = "Mauro Conti and Jianying Zhou and Emiliano Casalicchio and Angelo Spognardi",

booktitle = "Applied Cryptography and Network Security",

note = "International Conference on Applied Cryptography and Network Security 2020, ACNS 2020 ; Conference date: 19-10-2020 Through 22-10-2020",

url = "https://link.springer.com/chapter/10.1007%2F978-3-030-57878-7_5, https://sites.google.com/di.uniroma1.it/ACNS2020",

}

Vo, V, Lai, S, Yuan, X, Sun, S-F, Nepal, S & Liu, JK 2020, Accelerating forward and backward private searchable encryption using trusted execution. in M Conti, J Zhou, E Casalicchio & A Spognardi (eds), Applied Cryptography and Network Security : 18th International Conference, ACNS 2020 Rome, Italy, October 19–22, 2020 Proceedings, Part II. Lecture Notes in Computer Science , vol. 12147 , Springer, Cham Switzerland, pp. 83-103, International Conference on Applied Cryptography and Network Security 2020, Rome, Italy, 19/10/20. https://doi.org/10.1007/978-3-030-57878-7_5

Accelerating forward and backward private searchable encryption using trusted execution. / Vo, Viet; Lai, Shangqi; Yuan, Xingliang et al.
Applied Cryptography and Network Security : 18th International Conference, ACNS 2020 Rome, Italy, October 19–22, 2020 Proceedings, Part II. ed. / Mauro Conti; Jianying Zhou; Emiliano Casalicchio; Angelo Spognardi. Cham Switzerland: Springer, 2020. p. 83-103 (Lecture Notes in Computer Science ; Vol. 12147 ).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Accelerating forward and backward private searchable encryption using trusted execution

AU - Vo, Viet

AU - Lai, Shangqi

AU - Yuan, Xingliang

AU - Sun, Shi-Feng

AU - Nepal, Surya

AU - Liu, Joseph K.

N1 - Conference code: 18th

PY - 2020

Y1 - 2020

N2 - Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to enrich the functions of encrypted databases. Recent attacks exploiting the leakage in dynamic operations drive the rapid development of SE schemes revealing less information while performing updates; they are also known as forward and backward private SE. Newly added data is no longer linkable to queries issued before, and deleted data is no longer searchable in queries issued later. However, those advanced SE schemes reduce the efficiency of SE, especially in the communication cost between the client and server. In this paper, we resort to the hardware-assisted solution, aka Intel SGX, to ease the above bottleneck. Our key idea is to leverage SGX to take over most tasks of the client, i.e., tracking keyword states along with data addition and caching deleted data. However, handling large datasets is non-trivial due to the I/O and memory constraints of SGX. We further develop batch data processing and state compression techniques to reduce the communication overhead between the SGX and untrusted server and minimise the memory footprint within the enclave. We conduct a comprehensive set of evaluations on both synthetic and real-world datasets, which confirm that our designs outperform the prior art.

AB - Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to enrich the functions of encrypted databases. Recent attacks exploiting the leakage in dynamic operations drive the rapid development of SE schemes revealing less information while performing updates; they are also known as forward and backward private SE. Newly added data is no longer linkable to queries issued before, and deleted data is no longer searchable in queries issued later. However, those advanced SE schemes reduce the efficiency of SE, especially in the communication cost between the client and server. In this paper, we resort to the hardware-assisted solution, aka Intel SGX, to ease the above bottleneck. Our key idea is to leverage SGX to take over most tasks of the client, i.e., tracking keyword states along with data addition and caching deleted data. However, handling large datasets is non-trivial due to the I/O and memory constraints of SGX. We further develop batch data processing and state compression techniques to reduce the communication overhead between the SGX and untrusted server and minimise the memory footprint within the enclave. We conduct a comprehensive set of evaluations on both synthetic and real-world datasets, which confirm that our designs outperform the prior art.

UR - http://www.scopus.com/inward/record.url?scp=85091279746&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-57878-7_5

DO - 10.1007/978-3-030-57878-7_5

M3 - Conference Paper

AN - SCOPUS:85091279746

SN - 9783030578770

T3 - Lecture Notes in Computer Science

SP - 83

EP - 103

BT - Applied Cryptography and Network Security

A2 - Conti, Mauro

A2 - Zhou, Jianying

A2 - Casalicchio, Emiliano

A2 - Spognardi, Angelo

PB - Springer

CY - Cham Switzerland

T2 - International Conference on Applied Cryptography and Network Security 2020

Y2 - 19 October 2020 through 22 October 2020

ER -

Vo V, Lai S, Yuan X, Sun S-F, Nepal S, Liu JK. Accelerating forward and backward private searchable encryption using trusted execution. In Conti M, Zhou J, Casalicchio E, Spognardi A, editors, Applied Cryptography and Network Security : 18th International Conference, ACNS 2020 Rome, Italy, October 19–22, 2020 Proceedings, Part II. Cham Switzerland: Springer. 2020. p. 83-103. (Lecture Notes in Computer Science ). doi: 10.1007/978-3-030-57878-7_5

Accelerating forward and backward private searchable encryption using trusted execution

Abstract

Publication series

Conference

Access to Document

Other files and links

Encrypted, Distributed, and Queryable Data Store: Framework and Realisation

Cite this

Accelerating forward and backward private searchable encryption using trusted execution

Abstract

Publication series

Conference

Access to Document

Other files and links

Projects

Encrypted, Distributed, and Queryable Data Store: Framework and Realisation

Cite this