Associate Professor Wei Wang's team from Cyber-Physical-Social Systems Lab (CPSS Lab) of the School of Computer Science and Technology (SCST), HUST has been committed to big data security research. Recently, they have made a new progress in this field. On February 16, with the PhD student Xianglong Zhang as the first author and Associate Professor Wei Wang as the corresponding author, the paper titled “High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable Encryption” was officially received by Usenix Security Symposium, one of the four top conferences in the security field.
As modern society becomes more and more dependent on data, the problem of data security is becoming increasingly prominent. Due to the expansion of the scale and complexity of data, security vulnerabilities, and attack surfaces become more extensive and complex. In order to promote the increasingly perfect defense function, the study of the attack model is indispensable. At present, some attack models are restricted by some factors and need to be improved in attack efficiency or performance. Therefore, more effective schemes need to be proposed. Based on information leakage in Searchable symmetric encryption (SSE), this paper proposes two new injection attacks (namely BVA and BVMA), by leveraging a binary volumetric approach, which can resist mature defense methods and obtain a high recovery rate.
SSE is a data encryption technology. Users can search for the encrypted data without decrypting it by searching for keywords on the encrypted database. However, statistics about the response during this time still reveal information about the encrypted database for using volumetric injection attacks. FIG. 1 shows the general injection attack model: (1) In the initial phase, the adversary observes the query leakage of the client-side as prior knowledge; (2) In the injection stage, the adversary generates the injection file, encrypts it through the client-side, and uploads it to the server; (3) In the recovery stage, the adversary obtains the leakage of the target query and recovers the target query.
FIG. 1 Attack model
Since the existing volumetric injection attacks are limited by the complexity of interaction rounds and the amount of injection, this study proposes two effective injection attacks: binary variable parameter attack (BVA) and binary volumetric matching attack (BVMA), which can not only provide high recovery rate and less injection but also evade the popular defense means.
In addition to using the response size, BVA used a dynamic injection parameter γ to balance the injection size and recovery rate, which significantly reduced the injection size. BVMA is further optimized than BVA and is the first injection attack to incorporate response length and size patterns. For any query, the BVMA can filter out incorrect keywords with a small amount of injection by looking at the difference in the amount of response before and after injection. What’s more, it can also optimize recovery with other leakage information.
According to the experimental results, compared with other schemes, BVA and BVMA show better performance and can provide a higher recovery rate with less injection amount. For example, FIG. 2 shows a comparison between BVA and decoding attacks on different databases. With increasing γ, the recovery rate of BVA quickly rises to the same recovery rate as decoding attacks, while the injection size remains stable and much smaller than decoding attacks.
FIG. 2 Comparison of BVA and decoding attack under parameter γ
At the same time, BVA and BVMA can thwart well-studied defenses (such as threshold countermeasures and static padding). Modified and optimized BVA can eliminate the adverse effects of active updates in client-side. FIG. 3 (a) shows that the increase of add operation reduces the recovery rate, (b) shows that random updates have little impact on attack performance, and (c) shows that the delete operation improves the recovery rate.
FIG. 3 The recovery rate of the modified attack with the percentage of updates
This study achieves a higher recovery rate with less injection under dynamic SSE, posing an important threat to the current defense. It verifies the feasibility of the scheme from the experimental point of view, shows its performance advantages, and provides a new idea and practical experience for the further study of attack model and specific scheme.
As the data contains sensitive information, such as personal identity, medical records, and financial records., confidential data is undoubtedly very important for protecting personal privacy and security and maintaining corporate business secrets. It is of great strategic significance to build a secure and reliable encrypted database system. Therefore, the confidential database has been widely concerned and studied in academia and business circles. There are many important research results in such fields as security, performance, and scalability. China is also actively exploring the independent research and development database. At present, Wei Wang's team is conducting relevant technical discussions with Huawei openGauss and using some attack models that the team understands and studies to have its encryption database to be further modified and improved. In this way, it can achieve more complete ciphertext search security and promote the improvement and development of China’s ciphertext database.
CPSS Lab of the School of Computer Science and Technology, established in 2010, mainly studies intelligence and security issues under the perception, interaction, and integration of three-dimensions of cyber-physical-social. By using new technologies, such as the Internet of Things, big data, and network security, the intelligent application and development of cyber-physical-social systems was promoted. Current research fields mainly include: big data computing, big data analysis, big data security, and big data storage. Specific research interests include CPSS cyber-physical-social systems, tensor computing, tensor analysis, Internet of Things security, big data privacy and protection, cryptography, and 3D storage.