@inproceedings{472297833396419f989bea143fbeb277,
title = "Off-line keyword guessing attacks on recent keyword search schemes over encrypted data",
abstract = "A keyword search scheme over encrypted documents allows for remote keyword search of documents by a user in possession of a trapdoor (secret key). A data supplier first uploads encrypted documents on a storage system, and then a user of the storage system searches documents containing keywords while insider (such as administrators of the storage system) and outsider attackers do not learn anything else about the documents. In this paper, we firstly raise a serious vulnerability of recent keyword search schemes, which lies in the fact that keywords are chosen from much smaller space than passwords and users usually use well-known keywords for search of document. Hence this fact sufficiently gives rise to an off-line keyword guessing attack. Unfortunately, we observe that the recent public key-based keyword search schemes are susceptible to an off-line keyword guessing attack. We demonstrated that anyone (insider/outsider) can retrieve information of certain keyword from any captured query messages.",
keywords = "Database security and privacy, Keyword search on encrypted data, Off-line keyword guessing attack",
author = "Byun, {Jin Wook} and Rhee, {Hyun Suk} and Park, {Hyun A.} and Lee, {Dong Hoon}",
year = "2006",
doi = "10.1007/11844662_6",
language = "English",
isbn = "3540389849",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "75--83",
booktitle = "Secure Data Management - Third VLDB Workshop, SDM 2006, Proceedings",
note = "3rd VLDB Workshop on Secure Data Management, SDM 2006 ; Conference date: 10-09-2006 Through 11-09-2006",
}