Abstract
We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.
Original language | English |
---|---|
Pages | 1-20 |
Number of pages | 20 |
Volume | 2017 |
No. | 24 |
Specialist publication | Cryptology ePrint Archive |
Publisher | IACR |
Publication status | Published - 2017 Jan 10 |
Subject classification (UKÄ)
- Other Electrical Engineering, Electronic Engineering, Information Engineering
Free keywords
- searchable symmetric encryption
- relational databases
- inference attacks
- injection attacks
- privacy constraints
- vertical fragmentation