Abstract
In a keyword search scheme a user stores encrypted data on an untrusted server and gives a database manager a capability for a keyword which enables a database manager to find encrypted data containing the keyword without revealing the keyword to the database manager. Conjunctive keyword search scheme enables a user to obtain data containing all of several keywords through only one query. One of the security requirements of conjunctive keyword search schemes is that a malicious adversary should not be able to generate new valid capabilities from the observed capabilities. In this paper we show that conjunctive keyword search schemes are not secure. In particular, given two capabilities corresponding two sets of keywords, an adversary is able to generate a new capability corresponding to the difference set of two keywords sets.
This research was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC(Information Technology Research Center) support program supervised by the IITA(Institute of Information Technology Assessment).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abdalla, M., Bellare, M., Catalano, D., Catalano, E., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005)
Agrawal, R., Srikant, R.: Privacy-Preserving Data Mining. In: Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data, pp. 439–450 (2000)
Balze, M.: A Cryptographic file system for UNIX. In: Processings of 1st ACM Conference om Communications and Computing Security (1993)
Bellovin, S., Cheswick, W.: Privacy-enhanced searches using encrypted bloom filters. Cryptology ePrint Archive, Report 2004/022 (February 2004)
Boneh, D., Crescenzo, G.D., Ostrovsky, R., Persiano, G.: Public key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)
Brassard, D., Crepeau, C., Robert, J.M.: All-or-Nithing Disclosure of Secrets. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 234–238. Springer, Heidelberg (1987)
Bellare, M., Namprempre, C., Pioncheval, D.: The Power of RSA Onversion Oracles and the Security of Chaum’s RSA-Based Blind Signature Scheme. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, pp. 309–338. Springer, Heidelberg (2002)
Chang, Y.C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data, ePrint October 7 (2003)
Cattaneo, G., Persiano, G., Del Sorbo, A., Cozzolino, A., Mauriello, E., Pisapia, R.: Design and implementation of a transparent cryptographic file system for UNIX. Techincal Report, University of Salerno (1997)
Even, S., Goldreich, O., Lempel, A.: A Randomized Protocol for Signing Contracts. Comm. of ACM 28, 637–647 (1985)
Goh, E.J.: Secure index, ePrint, October 7 (2003)
Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal Re-encryption for Mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)
Golle, P., Staddon, J., Waters, B.: Secure Conjunctive Keyword Search Over Encrypted Data. In: Proceedings of the Second International Conference on ACNS:Applied Cryptography and Network Security (2004)
Hughes, J., Corcoran, D.: A nuiversal access, smart-card-based, secure fiel system. Atlanta Linux Showcase (October 1999)
John, A., Peter, R.: Electric Communication Development, Communications of the ACM, 40, (May 1997), 71–79, 48–63 (2002)
Kurosawa, K.: Multi-recipient Public-Key Encryption with Shortened Ciphertext. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 48–63. Springer, Heidelberg (2002)
Noar, M., Pinkas, B.: Efficient Oblivious trnasfer protocols. In: 12th Annual Symposium on Discrete Algorithms(SODA), pp. 448–457 (2001)
Ogata, W., Kurosawa, K.: Oblivious Keyword Search. Journal of complexity 2004Â 20 (April/June 2004)
Park, D., Kim, K., Lee, P.: Public key Encryption with Conjunctive Field Keyword Search. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 73–86. Springer, Heidelberg (2005)
Pointcheval, D., Stern, J.P.: Provably secure blind signature schemes. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 252–265. Springer, Heidelberg (1996)
Rabin, M.: How to exchange secrets by oblivious transfer. Technical Report TR 81, Aiken computation Lab. Harvard University
Rhee, H.S., Byun, J.W., Lee, D.H., Lim, J.I.: Oblivious Conjunctive Keyword Search. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 318–327. Springer, Heidelberg (2006)
Song, D., Wagner, D., Perrige, A.: Practical Techniques for searches on Encrypted Data. In: Proc. of the 2000 IEEE Security and Privacy Symposium (May 2000)
Waters, B.R., Balfanz, D., Durfee, G., Smetters, D.K.: Building an Encrypted and Searchable Audit Log. In: 11th Annual Network and Distributed Security Symposium (NDSS 2004) (2004)
Zadok, E., Badulescu, I., Shender, A.: Cryptfs: A stackable vnode level encryption fiel system, Technical Report CUCS-021-98 (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rhee, H.S., Jeong, I.R., Byun, J.W., Lee, D.H. (2006). Difference Set Attacks on Conjunctive Keyword Search Schemes. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2006. Lecture Notes in Computer Science, vol 4165. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11844662_5
Download citation
DOI: https://doi.org/10.1007/11844662_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-38984-2
Online ISBN: 978-3-540-38987-3
eBook Packages: Computer ScienceComputer Science (R0)