Peekaboo, I See Your Queries: Passive Attacks Against DSSE Via Intermittent Observations
By: Hao Nie , Wei Wang , Peng Xu and more
Potential Business Impact:
Steals secrets from encrypted data searches.
Dynamic Searchable Symmetric Encryption (DSSE) allows secure searches over a dynamic encrypted database but suffers from inherent information leakage. Existing passive attacks against DSSE rely on persistent leakage monitoring to infer leakage patterns, whereas this work targets intermittent observation - a more practical threat model. We propose Peekaboo - a new universal attack framework - and the core design relies on inferring the search pattern and further combining it with auxiliary knowledge and other leakage. We instantiate Peekaboo over the SOTA attacks, Sap (USENIX' 21) and Jigsaw (USENIX' 24), to derive their "+" variants (Sap+ and Jigsaw+). Extensive experiments demonstrate that our design achieves >0.9 adjusted rand index for search pattern recovery and 90% query accuracy vs. FMA's 30% (CCS' 23). Peekaboo's accuracy scales with observation rounds and the number of observed queries but also it resists SOTA countermeasures, with >40% accuracy against file size padding and >80% against obfuscation.
Similar Papers
Leakage-abuse Attack Against Substring-SSE with Partially Known Dataset
Cryptography and Security
Breaks hidden messages even with some clues.
Pushing the Limits of Frequency Analysis in Leakage Abuse Attacks
Cryptography and Security
Protects secret data while still letting you search it.
Enhancing Leakage Attacks on Searchable Symmetric Encryption Using LLM-Based Synthetic Data Generation
Cryptography and Security
Makes secret messages easier to break.