In order to protect data in the cloud, a database should be stored in encrypted form and queries executed without prior decryption. Searchable encryption schemes are being deployed in real-world applications to achieve this objective. They balance security and performance by providing efficient algorithms that, however, leak some information about the data. This talk considers range queries on encrypted multidimensional data and explores the feasibility of reconstructing the plaintext data by exploiting the information leakage from such queries. We analyze common types of leakage, like access pattern, i.e., individually encrypted records in query responses, and volume pattern, i.e., encrypted entire query responses. We also develop efficient searchable encryption schemes and assess both theoretically and experimentally their vulnerability to reconstruction attacks that exploit their leakage. By furthering the understanding of the security limitations of encrypted cloud data, our work enables developers to make more informed choices when deploying searchable encryption solutions.
Evangelia Anna (Lilika) Markatou is an assistant professor of cybersecurity at TU Delft. She received her PhD from Brown University, advised by Roberto Tamassia. She graduated with a Bachelor's degree in Electrical Engineering and Computer Science in 2016 from the Massachusetts Institute of Technology (MIT). In 2018, she received a Master of Engineering from MIT advised by Nancy Lynch. In her research, she aims to develop secure and private protocols that enable users to utilize cloud computing resources without sacrificing their data.