Secure and practical Searchable Encryption: a position paper

Shujie Cui; Muhammad Rizwan Asghar; Steven D. Galbraith; Giovanni Russello

doi:10.1007/978-3-319-60055-0_14

Secure and practical Searchable Encryption: a position paper

Shujie Cui, Muhammad Rizwan Asghar, Steven D. Galbraith, Giovanni Russello

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research

6 Citations (Scopus)

Abstract

Searchable Encryption (SE) makes it possible for users to outsource an encrypted database and search operations to cloud service providers without leaking the content of data or queries to them. A number of SE schemes have been proposed in the literature; however, most of them leak a significant amount of information that could lead to inference attacks. To minimise information leakage, there are a number of solutions, such as Oblivious Random Access Memory (ORAM) and Private Information Retrieval (PIR). Unfortunately, existing solutions are prohibitively costly and impractical. A practical scheme should support not only a lightweight user client but also a flexible key management mechanism for multi-user access. In this position paper, we briefly analyse several leakage-based attacks, and identify a set of requirements for a searchable encryption system for cloud database storage to be secure against these attacks while ensuring usability of the system. We also discuss several possible solutions to fulfil the identified requirements.

Original language	English
Title of host publication	Information Security and Privacy
Subtitle of host publication	22nd Australasian Conference, ACISP 2017 Auckland, New Zealand, July 3–5, 2017 Proceedings, Part I
Editors	Josef Pieprzyk, Suriadi Suriadi
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	266-281
Number of pages	16
ISBN (Electronic)	9783319600550
ISBN (Print)	9783319600543
DOIs	https://doi.org/10.1007/978-3-319-60055-0_14
Publication status	Published - 2017
Externally published	Yes
Event	Australasian Conference on Information Security and Privacy 2017 - Massey University, Auckland, New Zealand Duration: 3 Jul 2017 → 5 Jul 2017 Conference number: 22nd http://acisp.massey.ac.nz/ https://link.springer.com/book/10.1007/978-3-319-60055-0 (Proceedings)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	10342
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	Australasian Conference on Information Security and Privacy 2017
Abbreviated title	ACISP 2017
Country	New Zealand
City	Auckland
Period	3/07/17 → 5/07/17
Other	The 22nd Australasian Conference on Information Security and Privacy (ACISP) will be held in Auckland New Zealand on 3-5 July 2017, organised by Massey University in collaboration with other New Zealand universities. ACISP has been running annually since 1996. Now in its 22nd year, is an established key forum for international researchers and industry experts to present and discuss the latest research, trends, breakthroughs, and challenges in the domain of information security and privacy.
Internet address	http://acisp.massey.ac.nz/ https://link.springer.com/book/10.1007/978-3-319-60055-0 (Proceedings)

Access to Document

10.1007/978-3-319-60055-0_14

Link to publication in Scopus

Cite this

Cui, S., Asghar, M. R., Galbraith, S. D., & Russello, G. (2017). Secure and practical Searchable Encryption: a position paper. In J. Pieprzyk, & S. Suriadi (Eds.), Information Security and Privacy: 22nd Australasian Conference, ACISP 2017 Auckland, New Zealand, July 3–5, 2017 Proceedings, Part I (pp. 266-281). (Lecture Notes in Computer Science ; Vol. 10342). Springer. https://doi.org/10.1007/978-3-319-60055-0_14

Cui, Shujie ; Asghar, Muhammad Rizwan ; Galbraith, Steven D. ; Russello, Giovanni. / Secure and practical Searchable Encryption : a position paper. Information Security and Privacy: 22nd Australasian Conference, ACISP 2017 Auckland, New Zealand, July 3–5, 2017 Proceedings, Part I. editor / Josef Pieprzyk ; Suriadi Suriadi. Cham Switzerland : Springer, 2017. pp. 266-281 (Lecture Notes in Computer Science ).

@inproceedings{da99f824675a49e59fac288f59973aaa,

title = "Secure and practical Searchable Encryption: a position paper",

abstract = "Searchable Encryption (SE) makes it possible for users to outsource an encrypted database and search operations to cloud service providers without leaking the content of data or queries to them. A number of SE schemes have been proposed in the literature; however, most of them leak a significant amount of information that could lead to inference attacks. To minimise information leakage, there are a number of solutions, such as Oblivious Random Access Memory (ORAM) and Private Information Retrieval (PIR). Unfortunately, existing solutions are prohibitively costly and impractical. A practical scheme should support not only a lightweight user client but also a flexible key management mechanism for multi-user access. In this position paper, we briefly analyse several leakage-based attacks, and identify a set of requirements for a searchable encryption system for cloud database storage to be secure against these attacks while ensuring usability of the system. We also discuss several possible solutions to fulfil the identified requirements.",

author = "Shujie Cui and Asghar, {Muhammad Rizwan} and Galbraith, {Steven D.} and Giovanni Russello",

year = "2017",

doi = "10.1007/978-3-319-60055-0_14",

language = "English",

isbn = "9783319600543",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "266--281",

editor = "Josef Pieprzyk and Suriadi Suriadi",

booktitle = "Information Security and Privacy",

note = "Australasian Conference on Information Security and Privacy 2017, ACISP 2017 ; Conference date: 03-07-2017 Through 05-07-2017",

url = "http://acisp.massey.ac.nz/, https://link.springer.com/book/10.1007/978-3-319-60055-0",

}

Cui, S, Asghar, MR, Galbraith, SD & Russello, G 2017, Secure and practical Searchable Encryption: a position paper. in J Pieprzyk & S Suriadi (eds), Information Security and Privacy: 22nd Australasian Conference, ACISP 2017 Auckland, New Zealand, July 3–5, 2017 Proceedings, Part I. Lecture Notes in Computer Science , vol. 10342, Springer, Cham Switzerland, pp. 266-281, Australasian Conference on Information Security and Privacy 2017, Auckland, New Zealand, 3/07/17. https://doi.org/10.1007/978-3-319-60055-0_14

Secure and practical Searchable Encryption : a position paper. / Cui, Shujie; Asghar, Muhammad Rizwan; Galbraith, Steven D.; Russello, Giovanni.

Information Security and Privacy: 22nd Australasian Conference, ACISP 2017 Auckland, New Zealand, July 3–5, 2017 Proceedings, Part I. ed. / Josef Pieprzyk; Suriadi Suriadi. Cham Switzerland : Springer, 2017. p. 266-281 (Lecture Notes in Computer Science ; Vol. 10342).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research

TY - GEN

T1 - Secure and practical Searchable Encryption

T2 - Australasian Conference on Information Security and Privacy 2017

AU - Cui, Shujie

AU - Asghar, Muhammad Rizwan

AU - Galbraith, Steven D.

AU - Russello, Giovanni

N1 - Conference code: 22nd

PY - 2017

Y1 - 2017

N2 - Searchable Encryption (SE) makes it possible for users to outsource an encrypted database and search operations to cloud service providers without leaking the content of data or queries to them. A number of SE schemes have been proposed in the literature; however, most of them leak a significant amount of information that could lead to inference attacks. To minimise information leakage, there are a number of solutions, such as Oblivious Random Access Memory (ORAM) and Private Information Retrieval (PIR). Unfortunately, existing solutions are prohibitively costly and impractical. A practical scheme should support not only a lightweight user client but also a flexible key management mechanism for multi-user access. In this position paper, we briefly analyse several leakage-based attacks, and identify a set of requirements for a searchable encryption system for cloud database storage to be secure against these attacks while ensuring usability of the system. We also discuss several possible solutions to fulfil the identified requirements.

AB - Searchable Encryption (SE) makes it possible for users to outsource an encrypted database and search operations to cloud service providers without leaking the content of data or queries to them. A number of SE schemes have been proposed in the literature; however, most of them leak a significant amount of information that could lead to inference attacks. To minimise information leakage, there are a number of solutions, such as Oblivious Random Access Memory (ORAM) and Private Information Retrieval (PIR). Unfortunately, existing solutions are prohibitively costly and impractical. A practical scheme should support not only a lightweight user client but also a flexible key management mechanism for multi-user access. In this position paper, we briefly analyse several leakage-based attacks, and identify a set of requirements for a searchable encryption system for cloud database storage to be secure against these attacks while ensuring usability of the system. We also discuss several possible solutions to fulfil the identified requirements.

UR - http://www.scopus.com/inward/record.url?scp=85020664451&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-60055-0_14

DO - 10.1007/978-3-319-60055-0_14

M3 - Conference Paper

AN - SCOPUS:85020664451

SN - 9783319600543

T3 - Lecture Notes in Computer Science

SP - 266

EP - 281

BT - Information Security and Privacy

A2 - Pieprzyk, Josef

A2 - Suriadi, Suriadi

PB - Springer

CY - Cham Switzerland

Y2 - 3 July 2017 through 5 July 2017

ER -

Cui S, Asghar MR, Galbraith SD, Russello G. Secure and practical Searchable Encryption: a position paper. In Pieprzyk J, Suriadi S, editors, Information Security and Privacy: 22nd Australasian Conference, ACISP 2017 Auckland, New Zealand, July 3–5, 2017 Proceedings, Part I. Cham Switzerland: Springer. 2017. p. 266-281. (Lecture Notes in Computer Science ). https://doi.org/10.1007/978-3-319-60055-0_14