How Query Distribution Knowledge Breaks Multidimensional Encrypted Range Queries, With Guarantees

TL;DR

This paper demonstrates that knowledge of query distribution and access-pattern leakage can effectively break multi-dimensional encrypted range queries, providing provable guarantees and outperforming existing methods.

Contribution

It introduces LAMa, a novel framework for multi-dimensional cryptanalysis with rigorous guarantees, surpassing prior approaches in effectiveness.

Findings

LAMa outperforms state-of-the-art methods in experiments.

Provides the first rigorous guarantees for multi-dimensional frequency-matching cryptanalysis.

Reconstructs plaintext coordinates without post-hoc transformations or data poisoning.

Abstract

In this work, we show how knowledge of the query distribution, combined with access-pattern leakage, is sufficient to break multi-dimensional encrypted range queries, with provable guarantees. Prior attacks either recover only data topology without concrete coordinates for plaintexts (and as a result require post-hoc transformations), or assume adversarial control over database content; a strong and unrealistic threat model. Given knowledge of the query distribution, we revisit frequency matching, one of the earliest cryptanalytic ideas in this area, and push it to its limits in the multi-dimensional regime through LAMa ($\underline{L}$eakage-$\underline{A}$buse via $\underline{Ma}$tching). LAMa is a three-component framework that reconstructs plaintext coordinates in arbitrary dimensions without post-hoc transformations or data injection/poisoning. We complement LAMa with the first rigorous guarantees for multi-dimensional frequency-matching cryptanalysis, covering its query complexity, optimal parameterization, and worst-case reconstruction quality. Experiments on real-world data show that LAMa consistently outperforms the state of the art.