【讲座】高效可部署实用可搜索加密中的安全性讨论【Summer Lecture Series 之四】

发布日期:2021-08-20      浏览次数:340

讲座标题:【计算机学院】高效可部署实用可搜索加密中的安全性讨论【Summer Lecture Series 之四】

主讲人: 宁建廷

讲座时间:2021-08-24 10:00:00

讲座地点:线上,腾讯会议975 596 467




    (CCS’2021)LEAP: Leakage-Abuse Attack on Efficiently Deployable, Efficiently Searchable Encryption with Partially Known Dataset.

Searchable Encryption (SE) enables private queries on encrypted documents. Most existing SE schemes focus on constructing industrial-ready, practical solutions at the expense of information leakages that are considered acceptable. In particular, ShadowCrypt utilizes a cryptographic approach named “efficiently deployable, efficiently searchable encryption” (EDESE) that reveals the encrypted dataset and the query tokens among other information. However, recent attacks showed that such leakages can be exploited to (partially) recover the underlying keywords of query tokens under certain assumptions on the attacker’s background knowledge. We continue this line of work by presenting LEAP, a new leakage-abuse attack on EDESE schemes that can accurately recover the underlying keywords of query tokens based on partially known documents and the L2 leakage as per defined by Cash et al. (CCS ’15). As an auxiliary function, our attack supports document recovery in the similar setting. To the best of our knowledge, this is the first attack on EDESE schemes that achieves keyword recovery and document recovery without error based on partially known documents and L2 leakage. We conduct extensive experiments to demonstrate the effectiveness of our attack by varying levels of attacker’s background knowledge.


宁建廷,男,1988年6月生,工学博士,福建师范大学计算机与网络空间安全学院教授、博士生导师。2016年12月获上海交通大学博士学位,从上海交通大学博士提前毕业后,先后在新加坡国立大学的新加坡国立大学与新加坡电信网络空间安全联合实验室(NUS-Singtel Cyber Security R&D Corp Lab)担任研究员(Research Fellow)、新加坡管理大学可信移动研究中心(Secure Mobile Centre)担任研究型科学家(Research Scientist)。研究领域为密码学与数据安全,研究工作发表于ACM CCS、ESORICS、ACSAC、IEEE汇刊等网络与信息安全领域会议/期刊,获得欧洲计算安全年会ESORICS 2020最佳论文奖。入选“闽江学者奖励计划”特聘教授。