Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data

  • Conference paper
Secure Data Management (SDM 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4165))

Included in the following conference series:

Abstract

A keyword search scheme over encrypted documents allows for remote keyword search of documents by a user in possession of a trapdoor (secret key). A data supplier first uploads encrypted documents on a storage system, and then a user of the storage system searches documents containing keywords while insider (such as administrators of the storage system) and outsider attackers do not learn anything else about the documents.

In this paper, we firstly raise a serious vulnerability of recent keyword search schemes, which lies in the fact that keywords are chosen from much smaller space than passwords and users usually use well-known keywords for search of document. Hence this fact sufficiently gives rise to an off-line keyword guessing attack. Unfortunately, we observe that the recent public key-based keyword search schemes are susceptible to an off-line keyword guessing attack. We demonstrated that anyone (insider/outsider) can retrieve information of certain keyword from any captured query messages.

This research was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC(Information Technology Research Center) support program supervised by the IITA(Institute of Information Technology Assessment).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Encryption with keyword search, revisited: consistency conditions, relations to anonymous IBE, and extensions. This paper will be appear in: Crypto 2005 (2005)

    Google Scholar 

  2. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the First ACM Conference on Computer and Communications Security. ACM, New York (1995)

    Google Scholar 

  3. Boneh, D., Crescenzo, G.D., Ostrovsky, R., Persiano, G.: Public Key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  4. Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. SIAM J. of Computing 32(3), 586–615 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  5. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private Information Retrieval. In: Proceedings of 29th STOC (1997)

    Google Scholar 

  6. Di Crescenzo, G., Ishai, Y., Ostrovsky, R.: Universal Servie-providers for Dtabase Private Information Retrieval. In: Proceedings of 17th PODC (1998)

    Google Scholar 

  7. Chang, Y., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005); An early version of this paper is appeared on Cryptology ePrint Archieve, Available at: http://eprint.iacr.org/2004/051

    Chapter  Google Scholar 

  8. Golle, P., Staddon, J., Waters, B.: Secure Conjunctive keyword search over encrytped data. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 31–45. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Goh, E.: Secure Indexes. Cryptology ePrint Archieve on (March 16, 2004), This paper is availabe at: http://eprint.iacr.org/2003/216

  10. Mish, F.: Merriam-Webster’s Collegiate Dictionary, 11th edn. Merriam-Webser, Inc. (2003), http://www.m-w.com/help/

  11. Ostrovsky, R., Skeith, W.: Private keyword search on streaming data. In: Crypto 2005 (2005) (This paper will be appear)

    Google Scholar 

  12. Ogata, W., Kurosawa, K.: Oblivious keyword search. Journal of Complexity 20(2-3), 356–371 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  13. Park, D.J., Kim, K., Lee, P.J.: Public Key Encryption with Conjunctive Field Keyword Search. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 73–86. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  14. Song, D., Wagner, D., Perrig, A.: Practical Techniques for Searches on Encrypted Data. In: Proceedings of IEEE sysmposium on Security and Privacy (2000)

    Google Scholar 

  15. Zimmermann, P.R.: The official PGP User’s Guide. MIT Press, Cambridge (1995)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Information Security Technologies (CIST), Korea University, Anam Dong, Sungbuk Gu, Seoul, Korea

    Jin Wook Byun, Hyun Suk Rhee, Hyun-A Park & Dong Hoon Lee

Authors
  1. Jin Wook Byun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hyun Suk Rhee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyun-A Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dong Hoon Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Philips Research, The Netherlands

    Willem Jonker

  2. Philips Research, Information & System Security, High Tech Campus 37 (WY 71), 5656, Eindhoven, AE, The Netherlands

    Milan Petković

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Byun, J.W., Rhee, H.S., Park, HA., Lee, D.H. (2006). Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2006. Lecture Notes in Computer Science, vol 4165. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11844662_6

Download citation

  • DOI: https://doi.org/10.1007/11844662_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-38984-2

  • Online ISBN: 978-3-540-38987-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation