Searchable Encrypted Relational Databases: Risks and Countermeasures

Mohamed Ahmed Abdelraheem, Tobias Andersson, Christian Gehrmann

Research output: Contribution to specialist publication or newspaperSpecialist publication articleResearch

Abstract

We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.
Original languageEnglish
Pages1-20
Number of pages20
Volume2017
No.24
Specialist publicationCryptology ePrint Archive
PublisherIACR
Publication statusPublished - 2017 Jan 10

Subject classification (UKÄ)

  • Other Electrical Engineering, Electronic Engineering, Information Engineering

Free keywords

  • searchable symmetric encryption
  • relational databases
  • inference attacks
  • injection attacks
  • privacy constraints
  • vertical fragmentation

Fingerprint

Dive into the research topics of 'Searchable Encrypted Relational Databases: Risks and Countermeasures'. Together they form a unique fingerprint.

Cite this