English
Related papers

Related papers: Practical Volume-Based Attacks on Encrypted Databa…

200 papers

Searchable symmetric encryption enables private queries over an encrypted database, but it also yields information leakages. Adversaries can exploit these leakages to launch injection attacks (Zhang et al., USENIX'16) to recover the…

Cryptography and Security · Computer Science 2023-02-14 Xianglong Zhang , Wei Wang , Peng Xu , Laurence T. Yang , Kaitai Liang

Searchable symmetric encryption schemes often unintentionally disclose certain sensitive information, such as access, volume, and search patterns. Attackers can exploit such leakages and other available knowledge related to the user's…

Cryptography and Security · Computer Science 2024-03-05 Hao Nie , Wei Wang , Peng Xu , Xianglong Zhang , Laurence T. Yang , Kaitai Liang

Cloud data storage solutions offer customers cost-effective and reduced data management. While attractive, data security issues remain to be a core concern. Traditional encryption protects stored documents, but hinders simple…

Cryptography and Security · Computer Science 2023-06-28 Marc Damie , Florian Hahn , Andreas Peter

While storing documents on the cloud can be attractive, the question remains whether cloud providers can be trusted with storing private documents. Even if trusted, data breaches are ubiquitous. To prevent information leakage one can store…

Cryptography and Security · Computer Science 2023-07-04 Marco Dijkslag , Marc Damie , Florian Hahn , Andreas Peter

Recent Searchable Symmetric Encryption (SSE) schemes enable secure searching over an encrypted database stored in a server while limiting the information leaked to the server. These schemes focus on hiding the access pattern, which refers…

Cryptography and Security · Computer Science 2020-10-08 Simon Oya , Florian Kerschbaum

Searchable Symmetric Encryption (SSE) enables efficient search capabilities over encrypted data, allowing users to maintain privacy while utilizing cloud storage. However, SSE schemes are vulnerable to leakage attacks that exploit access…

Cryptography and Security · Computer Science 2025-04-30 Joshua Chiu , Partha Protim Paul , Zahin Wahab

This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…

Cryptography and Security · Computer Science 2024-08-14 Andrés Fábrega , Armin Namavari , Rachit Agarwal , Ben Nassi , Thomas Ristenpart

We demonstrate the feasibility of database reconstruction under a cache side-channel attack on SQLite. Specifically, we present a Flush+Reload attack on SQLite that obtains approximate (or "noisy") volumes of range queries made to a private…

Cryptography and Security · Computer Science 2021-06-22 Aria Shahverdi , Mahammad Shirinov , Dana Dachman-Soled

Dynamic searchable symmetric encryption (DSSE) enables a server to efficiently search and update over encrypted files. To minimize the leakage during updates, a security notion named forward and backward privacy is expected for newly…

Cryptography and Security · Computer Science 2023-09-14 Lei Xu , Leqian Zheng , Chengzhi Xu , Xingliang Yuan , Cong Wang

Dynamic Searchable Encryption (DSE) has emerged as a solution to efficiently handle and protect large-scale data storage in encrypted databases (EDBs). Volume leakage poses a significant threat, as it enables adversaries to reconstruct…

Cryptography and Security · Computer Science 2024-03-05 Dongli Liu , Wei Wang , Peng Xu , Laurence T. Yang , Bo Luo , Kaitai Liang

We uncover a vulnerability that allows for an attacker to perform an email-based attack on selected victims, using only standard scripts and agents. What differentiates the attack we describe from other, already known forms of distributed…

Computers and Society · Computer Science 2007-05-23 Markus Jakobsson , Filippo Menczer

Motivated by the problem of simultaneously preserving confidentiality and usability of data outsourced to third-party clouds, we present two different database encryption schemes that largely hide data but reveal enough information to…

Cryptography and Security · Computer Science 2015-08-12 Omar Chowdhury , Deepak Garg , Limin Jia , Anupam Datta

This paper addresses volume leakage (i.e., leakage of the number of records in the answer set) when processing keyword queries in encrypted key-value (KV) datasets. Volume leakage, coupled with prior knowledge about data distribution and/or…

Databases · Computer Science 2024-02-27 Shanshan Han , Vishal Chakraborty , Michael Goodrich , Sharad Mehrotra , Shantanu Sharma

Large Language Model (LLM) agents have achieved rapid adoption and demonstrated remarkable capabilities across a wide range of applications. To improve reasoning and task execution, modern LLM agents would incorporate memory modules or…

Cryptography and Security · Computer Science 2026-04-14 Xingyu Lyu , Jianfeng He , Ning Wang , Yidan Hu , Tao Li , Danjue Chen , Shixiong Li , Yimin Chen

We describe and evaluate an attack that reconstructs the histogram of any target attribute of a sensitive dataset which can only be queried through a specific class of real-world privacy-preserving algorithms which we call bounded…

Cryptography and Security · Computer Science 2019-11-06 Hassan Jameel Asghar , Dali Kaafar

Substring-searchable symmetric encryption (substring-SSE) has become increasingly critical for privacy-preserving applications in cloud systems. However, existing schemes remain vulnerable to information leakage during search operations,…

Cryptography and Security · Computer Science 2025-11-04 Xijie Ba , Qin Liu , Xiaohong Li , Jianting Ning

We propose a cheat sensitive quantum protocol to perform a private search on a classical database which is efficient in terms of communication complexity. It allows a user to retrieve an item from the server in possession of the database…

Quantum Physics · Physics 2009-11-13 Vittorio Giovannetti , Seth Lloyd , Lorenzo Maccone

Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research…

Cryptography and Security · Computer Science 2017-02-27 Ferdinand Brasser , Urs Müller , Alexandra Dmitrienko , Kari Kostiainen , Srdjan Capkun , Ahmad-Reza Sadeghi

In this era of internet, E-Business and e-commerce applications are using Databases as their integral part. These Databases irrespective of the technology used are vulnerable to SQL injection attacks. These Attacks are considered very…

Cryptography and Security · Computer Science 2020-09-30 Israr Ali , Syed Hasan Adil , Mansoor Ebrahim

Symmetric private information retrieval is a cryptographic task allowing a user to query a database and obtain exactly one entry without revealing to the owner of the database which element was accessed. The task is a variant of general…

Quantum Physics · Physics 2025-09-09 Esther Hänggi , Severin Winkler
‹ Prev 1 2 3 10 Next ›