Print Email Facebook Twitter VAL Title VAL: Volume and Access Pattern Leakage-Abuse Attack with Leaked Documents Author Lambregts, Steven (Student TU Delft) Chen, H. (TU Delft Cyber Security) Ning, Jianting (Singapore Management University; Fujian Normal University) Liang, K. (TU Delft Cyber Security) Contributor Atluri, Vijayalakshmi (editor) Di Pietro, Roberto (editor) Jensen, Christian D. (editor) Meng, Weizhi (editor) Date 2022 Abstract Searchable Encryption schemes provide secure search over encrypted databases while allowing admitted information leakages. Generally, the leakages can be categorized into access and volume pattern. In most existing SE schemes, these leakages are caused by practical designs but are considered an acceptable price to achieve high search efficiency. Recent attacks have shown that such leakages could be easily exploited to retrieve the underlying keywords for search queries. Under the umbrella of attacking SE, we design a new Volume and Access Pattern Leakage-Abuse Attack (VAL-Attack) that improves the matching technique of LEAP (CCS ’21) and exploits both the access and volume patterns. Our proposed attack only leverages leaked documents and the keywords present in those documents as auxiliary knowledge and can effectively retrieve document and keyword matches from leaked data. Furthermore, the recovery performs without false positives. We further compare VAL-Attack with two recent well-defined attacks on several real-world datasets to highlight the effectiveness of our attack and present the performance under popular countermeasures. Subject Access patternAttackLeakageSearchable encryptionVolume pattern To reference this document use: http://resolver.tudelft.nl/uuid:37c3f1fc-fbfe-418b-a1fe-4ecfc62862da DOI https://doi.org/10.1007/978-3-031-17140-6_32 Publisher Springer, Cham Embargo date 2023-07-01 ISBN 978-3-031-17139-0 Source Computer Security – ESORICS 2022 - 27th European Symposium on Research in Computer Security, Proceedings Event 27th European Symposium on Research in Computer Security, ESORICS 2022, 2022-09-26 → 2022-09-30, Virtual, Online Series Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 0302-9743, 13554 Bibliographical note Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. Part of collection Institutional Repository Document type conference paper Rights © 2022 Steven Lambregts, H. Chen, Jianting Ning, K. Liang Files PDF 978_3_031_17140_6_32.pdf 1.71 MB Close viewer /islandora/object/uuid:37c3f1fc-fbfe-418b-a1fe-4ecfc62862da/datastream/OBJ/view