Practical searchable encryption scheme against response identity attacks

Abstract

Searchable symmetric encryption (SSE) enables efficient keyword-based search over encrypted data while revealing nothing about data and query beyond some pre-defined leakage, such as access pattern and search pattern. A new class of leakage-abuse attacks, called response identity attacks, can exploit access patterns to recover the queried keywords. Although some progress has been made to resist on response identity attacks, it is challenging to design a practical SSE scheme that resists on response identity attacks while protecting the security of data and queries (i.e., end-to-end SSE). To this end, we first present a novel dynamic SSE scheme supporting toward privacy based on the modified Path-ORAM, where the server cannot identify update patterns. We then design a dynamic end-to-end SSE scheme defending response identity attacks under two non-colluding servers model, which splits each encrypted document into the main document and extra blocks, and stores them separately using different obfuscation strategies. The proposed scheme can prevent adversaries from identifying which document in prior knowledge contains the searched keyword while hiding the data content and queries. Experimental results show that our proposed scheme is superior to the state-of-the-art scheme.