TY - GEN
T1 - Searchable Encrypted Relational Databases: Risks and Countermeasures
AU - Abdelraheem, Mohamed Ahmed
AU - Andersson, Tobias
AU - Gehrmann, Christian
PY - 2017/1/10
Y1 - 2017/1/10
N2 - We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.
AB - We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.
KW - searchable symmetric encryption
KW - relational databases
KW - inference attacks
KW - injection attacks
KW - privacy constraints
KW - vertical fragmentation
M3 - Specialist publication article
VL - 2017
SP - 1
EP - 20
JO - Cryptology ePrint Archive
JF - Cryptology ePrint Archive
PB - IACR
ER -