Off-line keyword guessing attacks on recent keyword search schemes over encrypted data

Jin Wook Byun, Hyun Suk Rhee, Hyun A. Park, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

174 Citations (Scopus)

Abstract

A keyword search scheme over encrypted documents allows for remote keyword search of documents by a user in possession of a trapdoor (secret key). A data supplier first uploads encrypted documents on a storage system, and then a user of the storage system searches documents containing keywords while insider (such as administrators of the storage system) and outsider attackers do not learn anything else about the documents. In this paper, we firstly raise a serious vulnerability of recent keyword search schemes, which lies in the fact that keywords are chosen from much smaller space than passwords and users usually use well-known keywords for search of document. Hence this fact sufficiently gives rise to an off-line keyword guessing attack. Unfortunately, we observe that the recent public key-based keyword search schemes are susceptible to an off-line keyword guessing attack. We demonstrated that anyone (insider/outsider) can retrieve information of certain keyword from any captured query messages.

Original languageEnglish
Title of host publicationSecure Data Management - Third VLDB Workshop, SDM 2006, Proceedings
PublisherSpringer Verlag
Pages75-83
Number of pages9
ISBN (Print)3540389849, 9783540389842
Publication statusPublished - 2006 Jan 1
Event3rd VLDB Workshop on Secure Data Management, SDM 2006 - Seoul, Korea, Republic of
Duration: 2006 Sep 102006 Sep 11

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4165 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other3rd VLDB Workshop on Secure Data Management, SDM 2006
CountryKorea, Republic of
CitySeoul
Period06/9/1006/9/11

Keywords

  • Database security and privacy
  • Keyword search on encrypted data
  • Off-line keyword guessing attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Off-line keyword guessing attacks on recent keyword search schemes over encrypted data'. Together they form a unique fingerprint.

  • Cite this

    Byun, J. W., Rhee, H. S., Park, H. A., & Lee, D. H. (2006). Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In Secure Data Management - Third VLDB Workshop, SDM 2006, Proceedings (pp. 75-83). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4165 LNCS). Springer Verlag.