Leakage-abuse Attack Against Substring-SSE with Partially Known Dataset
Xijie Ba, Qin Liu, Xiaohong Li, Jianting Ning
TL;DR
This paper introduces the first leakage-abuse attack on substring-SSE with partially known datasets, demonstrating high success rates and exposing significant privacy vulnerabilities in current schemes.
Contribution
It develops a novel matrix-based correlation technique extending the LEAP framework to attack substring-SSE under partial knowledge, a previously unexplored scenario.
Findings
Achieves 98.32% recovery with 50% prior knowledge
Attains 74.42% recovery with only 10% prior knowledge
Demonstrates scalability across various dataset sizes
Abstract
Substring-searchable symmetric encryption (substring-SSE) has become increasingly critical for privacy-preserving applications in cloud systems. However, existing schemes remain vulnerable to information leakage during search operations, particularly when adversaries possess partial knowledge of the target dataset. Although leakage-abuse attacks have been widely studied for traditional SSE, their applicability to substring-SSE under partially known data assumptions remains unexplored. In this paper, we present the first leakage-abuse attack on substring-SSE under partially-known dataset conditions. We develop a novel matrix-based correlation technique that extends and optimizes the LEAP framework for substring-SSE, enabling efficient recovery of plaintext data from encrypted suffix tree structures. Unlike existing approaches that rely on independent auxiliary datasets, our method…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCryptography and Data Security · Cryptographic Implementations and Security · Chaos-based Image/Signal Encryption