Frequency-smoothing encryption: preventing snapshot attacks on deterministically encrypted data

Authors

  • Marie-Sarah Lacharité Royal Holloway, University of London, Egham, United Kingdom
  • Kenneth G. Paterson Royal Holloway, University of London, Egham, United Kingdom

DOI:

https://doi.org/10.13154/tosc.v2018.i1.277-313

Keywords:

database encryption, snapshot attacks, inference attacks, homophonic encoding, frequency-smoothing encryption

Abstract

Statistical analysis of ciphertexts has been recently used to carry out devastating inference attacks on deterministic encryption (Naveed, Kamara, and Wright, CCS 2015), order-preserving/revealing encryption (Grubbs et al., S&P 2017), and searchable encryption (Pouliot and Wright, CCS 2016). At the heart of these inference attacks is classical frequency analysis. In this paper, we propose and evaluate another classical technique, homophonic encoding, as a means to combat these attacks. We introduce and develop the concept of frequency-smoothing encryption (FSE) which provably prevents inference attacks in the snapshot attack model, wherein the adversary obtains a static snapshot of the encrypted data, while preserving the ability to efficiently and privately make point queries. We provide provably secure constructions for FSE schemes, and we empirically assess their security for concrete parameters by evaluating them against real data. We show that frequency analysis attacks (and optimal generalisations of them for the FSE setting) no longer succeed.

Published

2018-03-01

Issue

Section

Articles

How to Cite

Frequency-smoothing encryption: preventing snapshot attacks on deterministically encrypted data. (2018). IACR Transactions on Symmetric Cryptology, 2018(1), 277-313. https://doi.org/10.13154/tosc.v2018.i1.277-313