Title: Breaking Web Applications Built On Top of Encrypted Data
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Grubbs, Paul; McPherson, Richard; Naveed, Muhammad; Ristenpart, Thomas; Shmatikov, Vitaly
Conference Name: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-4139-4
Keywords: application security, composability, control theory, decomposition, encryption audits, leakage, Metrics, provable security, pubcrawl, Searchable encryption, security, Security Audits

We develop a systematic approach for analyzing client-server applications that aim to hide sensitive user data from untrusted servers. We then apply it to Mylar, a framework that uses multi-key searchable encryption (MKSE) to build Web applications on top of encrypted data. We demonstrate that (1) the Popa-Zeldovich model for MKSE does not imply security against either passive or active attacks; (2) Mylar-based Web applications reveal users' data and queries to passive and active adversarial servers; and (3) Mylar is generically insecure against active attacks due to system design flaws. Our results show that the problem of securing client-server applications against actively malicious servers is challenging and still unsolved. We conclude with general lessons for the designers of systems that rely on property-preserving or searchable encryption to protect data from untrusted servers.

Citation Key: grubbs_breaking_2016