SWiSSSE: System-Wide Security for Searchable Symmetric Encryption

Authors: Zichen Gui (ETH Zurich), Kenneth G. Paterson (ETH Zurich), Sikhar Patranabis (IBM Research India), Bogdan Warinschi (University of Bristol and DFINITY)

Volume: 2024
Issue: 1
Pages: 549–581
DOI: https://doi.org/10.56553/popets-2024-0032

Artifact: Reproduced

Download PDF

Abstract: This paper initiates a new direction in the design and analysis of searchable symmetric encryption (SSE) schemes. We provide the first comprehensive security model and definition for SSE that takes into account leakage from the entirety of the SSE system, including not only from access to encrypted indices but also from access to the encrypted database documents themselves. Such system-wide leakage is intrinsic in end-to-end SSE systems, and can be used to break almost all state-of-the-art SSE schemes (Gui et al., IEEE S&P 2023). We then provide a static SSE construction meeting our new security notion. The proposed SSE scheme involves a combination of novel techniques: bucketization to hide volumes of responses to queries, and delayed, pseudorandom write-backs to disrupt access pattern. Our implementation and analysis of the proposed scheme demonstrates that it offers very strong security against general classes of (system-wide) leakage-abuse attacks with moderate overhead. Our scheme scales smoothly to databases containing hundreds of thousand of documents and millions of keyword-document pairs. To the best of our knowledge, this is the first end-to-end SSE scheme that effectively suppresses system-wide leakage while maintaining practical efficiency.

Keywords: searchable symmetric encryption, system-wide security, leakage cryptanalysis, bucketization, forward and backward privacy, oblivious operations

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.