The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption
NDSS(2024)
摘要
Dynamic searchable symmetric encryption (DSSE) enables users to delegate the
keyword search over dynamically updated encrypted databases to an
honest-but-curious server without losing keyword privacy. This paper studies a
new and practical security risk to DSSE, namely, secret key compromise (e.g., a
user's secret key is leaked or stolen), which threatens all the security
guarantees offered by existing DSSE schemes. To address this open problem, we
introduce the notion of searchable encryption with key-update (SEKU) that
provides users with the option of non-interactive key updates. We further
define the notion of post-compromise secure with respect to leakage functions
to study whether DSSE schemes can still provide data security after the
client's secret key is compromised. We demonstrate that post-compromise
security is achievable with a proposed protocol called “Bamboo".
Interestingly, the leakage functions of Bamboo satisfy the requirements for
both forward and backward security. We conduct a performance evaluation of
Bamboo using a real-world dataset and compare its runtime efficiency with the
existing forward-and-backward secure DSSE schemes. The result shows that Bamboo
provides strong security with better or comparable performance.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要