Passive Query-Recovery Attack Against Secure Conjunctive Keyword Search Schemes

TL;DR

This paper investigates passive query-recovery attacks on conjunctive keyword search schemes, extending existing single-keyword attacks, and evaluates their effectiveness and limitations in different attacker knowledge scenarios.

Contribution

It introduces a generic extension strategy for passive query-recovery attacks to conjunctive keyword searches and assesses its performance and limitations.

Findings

Recovery rate drops to 32% with extension for conjunctive queries

Stronger attacker knowledge boosts recovery to 85%

Existing attacks perform well on single-keyword schemes

Abstract

While storing documents on the cloud can be attractive, the question remains whether cloud providers can be trusted with storing private documents. Even if trusted, data breaches are ubiquitous. To prevent information leakage one can store documents encrypted. If encrypted under traditional schemes, one loses the ability to perform simple operations over the documents, such as searching through them. Searchable encryption schemes were proposed allowing some search functionality while documents remain encrypted. Orthogonally, research is done to find attacks that exploit search and access pattern leakage that most efficient schemes have. One type of such an attack is the ability to recover plaintext queries. Passive query-recovery attacks on single-keyword search schemes have been proposed in literature, however, conjunctive keyword search has not been considered, although keyword searches with two or three keywords appear more frequently in online searches. We introduce a generic extension strategy for existing passive query-recovery attacks against single-keyword search schemes and explore its applicability for the attack presented by Damie et al. (USENIX Security '21). While the original attack achieves up to a recovery rate of 85% against single-keyword search schemes for an attacker without exact background knowledge, our experiments show that the generic extension to conjunctive queries comes with a significant performance decrease achieving recovery rates of at most 32%. Assuming a stronger attacker with partial knowledge of the indexed document set boosts the recovery rate to 85% for conjunctive keyword queries with two keywords and achieves similar recovery rates as previous attacks by Cash et al. (CCS '15) and Islam et al. (NDSS '12) in the same setting for single-keyword search schemes.