Differentially Private Searchable Symmetric Encryption Scheme with Configurable Pattern Leakage

Abstract

Searchable symmetric encryption (SSE) allows a data owner to outsource its data to a cloud server while maintaining the ability to search over it. Most existing SSE schemes leak access-pattern leakage, and thus are vulnerable to attacks like the IKK attack. Oblivious RAM and PIR can be used to construct SSE schemes that fully hide access patterns. However, such schemes su er from heavy communication overhead or computation overhead making them impractical. Chen et al. proposed an obfuscation mechanism to protect existing SSE schemes against access-pattern leakage. This mechanism can produce di erentially private access patterns per keyword. However, it cannot hide whether or not the same keyword is being searched multiple times or, in other words, the search patterns, making this mechanism vulnerable to search-pattern attacks.

In this thesis, we propose a stronger security de nition for di erentially private searchable symmetric encryption schemes and present a real construction, DP-SSE, ful lling it. On the one hand, DP-SSE is adaptively semantically secure and provides di erential privacy for both keywords and documents implying search-pattern hiding and access-pattern hiding, respectively. On the other hand, DP-SSE has communication overhead as small as O(log log n) and computation complexity of O(n log log n) when querying relatively frequent keyword w. When assuming queries follow Zip an distribution, the amortized communication overhead would be O(log n log log n). By replicating the IKK attack, we show that DP-SSE can actually hide access patterns and make it di cult to extract useful information from di erentially private access-pattern leakage. Finally, we perform KMeans clustering, we were able to show that inferring search patterns from di erentially private access-pattern leakage is di cult, namely search patterns are hidden.