Abstract
With the increasing volume of data generated by individuals and organisations, it becomes more and more challenging to store and process data locally. Structured encryption (STE) aims to provide an outsourced storage and query solution to this problem for structured data while preserving user privacy. This thesis focuses on two subclasses of STE, namely encrypted range queries (numerically labelled data) and searchable encryption (text-based data).We develop a multitude of novel attacks on encrypted range queries and searchable encryption with devastating consequences on user privacy. In particular, we identify system-wide leakage as a new source of leakage for STE that one of our attacks can exploit. We experimentally demonstrate that all state-of-the-art STE schemes suffer from this leakage in their efficient instantiations. We devise the first searchable encryption scheme that is free from system-wide leakage and is practically efficient. Finally, we propose a new security notion for STE that aims to prevent attacks at the definitional level.
| Date of Award | 12 Jan 2022 |
|---|---|
| Original language | English |
| Awarding Institution |
|
| Supervisor | Oliver T Johnson (Supervisor) & Bogdan Warinschi (Supervisor) |