Encrypted Search
From Research to Real-World Systems
Tarik Moataz
CSNP Boston Chapter Jan 23rd 2020
AROKI SYSTEMS
A little bit about me…
• Currently
  • Chief Technology Officer at Aroki Systems (https://aroki.com)
  • Associate Director of the Encrypted Systems Lab at Brown University
  • Visiting Scientist at Brown University
• Background
  • PhD in Computer Science with a focus on Encrypted Search
• Some of my Projects:
  • Pixek - an e2e encrypted Photo App (https://pixek.com)
  • Clusion - an open source Encrypted Search Java Library
4%
14,717,618,286*
*Since 2013
Aroki Systems https://aroki.com
Why so Few?
“…because it would have hurt Yahoo’s ability to index and search message data…”
— J. Bonforte in NY Times
Cost? Incompetence? Laziness?
Once Upon a Time: No Encryption
Current Situation
[Diagram labels: App, Memory, Disk, TLS, Full disk encryption, Transparent database encryption]
Adversary can see decrypted information in RAM
Once Upon a Time: No Encryption
(Almost) Utopian Situation
[Diagram labels: App, Memory, Disk]
Adversary sees nothing
Q: can we search on encrypted data?

Yes.

Encrypted Search
[Diagram label: tk]
Cryptographic Building Blocks
• Property-Preserving Encryption (PPE)
• Fully-Homomorphic Encryption (FHE)
• Functional Encryption (FE)
• Oblivious RAM (ORAM)
• Structured Encryption (STE)

[Diagram labels: Performance, Leakage, Functionality]
Evolution from 2000-2019
[Timeline rows: Property-Preserving Encryption (PPE), Oblivious RAM (ORAM), Structured Encryption (STE)]
[Timeline entries:]
• DET ’06
• OPE ’09
• OPE proofs ’11
• CryptDB ’12
• MS Always Enc ’15
• PPE attacks ’15
• Snapshot PPE ’16
• ORAM ’92
• Tree-based ORAM ’12
• SSE ’00
• Efficient SSE ’06
• STE ’10
• Boolean SSE ’13
• OXT; BlindSeer ’14
• SQL ’17
• Inference attacks ’12
• Path ORAM ’13
• Volume attacks ’19
• OblivP2P ’16
• CS2 ’12
• Clusion; OpenSSE ’16
• Distribution-Hiding PPE ’18
Q: what is property-preserving encryption?

Property-Preserving Encryption (PPE)
Maintains a well-defined relation between the original data
• equality, order, orthogonality, prefix etc.
Deterministic encryption [BBN06]
  plaintext = plaintext
  Z2hqc2Rh = Z2hqc2Rh
Order preserving encryption [BCLO09]
  16 < 20
  6372 < 18974
Prefix preserving encryption [BBKN01]
  Secure ⎕ Security
  b2trbSxkZg ⎕ b2trbSxkZgj2Rh
PPE-based Encrypted Search: Encryption

HR Employees Table
Employee  Age  Salary
Sam       35   120K
Lilly     30   135K
Harry     35   135K

Deterministic Encryption

Encrypted HR Employees Table
Employee  Age       Salary
eXR5bmR   Z2hqc2Rh  cHF1ZmJk
d2Vyd3Nl  bHdrdWV5  aGV5ZGJz
ZGZzZGV   Z2hqc2Rh  aGV5ZGJz
PPE-based Encrypted Search: Search

Q = SELECT * FROM Employees WHERE Salary = 135k

Deterministic Encryption

Q = SELECT * FROM Employees WHERE Salary = aGV5ZGJz

Encrypted HR Employees Table
Employee  Age       Salary
eXR5bmR   Z2hqc2Rh  cHF1ZmJk
d2Vyd3Nl  bHdrdWV5  aGV5ZGJz
ZGZzZGV   Z2hqc2Rh  aGV5ZGJz
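
The encryption and search steps on the two slides above, as an added Python example that is not from the talk or from any product. `det_encrypt` is a toy SIV-style construction built from HMAC-SHA256 so the block runs on the standard library alone; the key, the helper names and `equal_groups` (what anyone holding a copy of the encrypted table can compute without the key) are assumptions of this example.

```python
import base64
import hashlib
import hmac

KEY = bytes(range(32))  # constructed demo key; a real client generates and protects its own

# The HR Employees table from the slide.
ROWS = [
    {"Employee": "Sam", "Age": "35", "Salary": "120K"},
    {"Employee": "Lilly", "Age": "30", "Salary": "135K"},
    {"Employee": "Harry", "Age": "35", "Salary": "135K"},
]


def prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()


def column_keys(key, column):
    # Separate subkeys per column, so "35" in Age and "35" in Salary do not match.
    label = column.encode()
    return prf(key, b"iv|" + label), prf(key, b"enc|" + label)


def det_encrypt(key, column, value):
    """Deterministic: the same (column, value) always yields the same ciphertext."""
    pt = value.encode()
    if len(pt) > 32:
        raise ValueError("toy cipher handles values up to 32 bytes")
    k_iv, k_enc = column_keys(key, column)
    iv = prf(k_iv, pt)[:16]                      # synthetic IV derived from the plaintext
    ct = bytes(a ^ b for a, b in zip(pt, prf(k_enc, iv)))
    return base64.urlsafe_b64encode(iv + ct).decode()


def det_decrypt(key, column, token):
    raw = base64.urlsafe_b64decode(token)
    iv, ct = raw[:16], raw[16:]
    k_iv, k_enc = column_keys(key, column)
    pt = bytes(a ^ b for a, b in zip(ct, prf(k_enc, iv)))
    if not hmac.compare_digest(prf(k_iv, pt)[:16], iv):
        raise ValueError("ciphertext does not verify under this key/column")
    return pt.decode()


def encrypt_table(key, rows):
    return [{c: det_encrypt(key, c, v) for c, v in row.items()} for row in rows]


def server_select(enc_rows, column, ciphertext):
    """The backend is unchanged: an ordinary equality match on opaque strings."""
    return [row for row in enc_rows if row[column] == ciphertext]


def client_query(key, enc_rows, column, value):
    """Rewrite WHERE column = value into WHERE column = Enc(value), then decrypt hits."""
    hits = server_select(enc_rows, column, det_encrypt(key, column, value))
    return [{c: det_decrypt(key, c, v) for c, v in row.items()} for row in hits]


def equal_groups(enc_rows, column):
    """Computed from ciphertexts only: which rows share a value in this column."""
    groups = {}
    for i, row in enumerate(enc_rows):
        groups.setdefault(row[column], []).append(i)
    return [g for g in groups.values() if len(g) > 1]


if __name__ == "__main__":
    enc = encrypt_table(KEY, ROWS)
    print(client_query(KEY, enc, "Salary", "135K"))
    print("equal ages:", equal_groups(enc, "Age"))
    print("equal salaries:", equal_groups(enc, "Salary"))
```

Matching is byte-exact, so the client has to canonicalize values before encrypting: a query for `135k` finds nothing in a column that stores `135K`.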
PPE-based Encrypted Search: Pros & Cons
• Legacy-friendliness
  • No changes to backends
• (Almost) Zero overhead
  • Only encryption and decryption added to the client-side processing
• High functionality
  • DTE and OPE enable the evaluation of complex queries
But what about security?
Adversarial Models in Encrypted Search: Background
Snapshot Adversaries
Take (multiple) snapshot(s) of the encrypted data
• Device theft
Persistent Adversaries
Observe the entire state of the database including searches and updates
• Machine compromise
• Malicious host
Active Adversaries
Are persistent adversaries that CAN deviate from the protocol
• File injection
PPE Security: Snapshot Adversary
PPE attacks
’15 Inference Attacks [NKW15]
• sorting attack
• cumulative attack
’16 Extension 1 of Inference Attacks [DDC16]
• inter-column correlation attack
• intra+inter-column correlation attack
• leakage attacks
’17 Extension 2 of Inference Attacks [GSNBR17]
• non-crossing attack
• w/ non-ideal OPE leakage attack
• known plaintext/ciphertext attacks
’18 Extension 3 of Inference Attacks [BGCRS18]
• non-crossing attack
• w/ non-ideal OPE leakage attack
• known plaintext/ciphertext attacks
Up to 100% of data recovery in the weakest adversarial model
Q: what is structured encryption?

Structured Encryption (STE) [CK10]
Setup 1k, DSEDS,
Token , qtk
Query tk, EDSans
[Diagram labels: DS, EDS, tk, ans]
Structured Encryption (STE) [CK10]
Setup 1k, DSEDS,
Token , qtk
Query tk, EDSans
[Diagram labels: DS, EDS, tk, ans]
Setup Leakage LS
Query Leakage LQ
STE-based Encrypted Search: Instance

File collection
File1: data
File2: crypto, security
File3: data, crypto
File4: data, privacy
File5: privacy
File6: data, crypto

Inverted index
data      File1 File3 File4 File6
security  File2
privacy   File4 File5
crypto    File2 File3 File6
STE-based Encrypted Search: Instance

STE encryption
data      File1 File3 File4 File6
security  File2
privacy   File4 File5
crypto    File2 File3 File6
STE-based Encrypted Search: Instance
Q = “data”
tk = “pt1”, “pt2”, “pt3”, “pt4”
Think of the token as solution to a maze
STE encryption
STE-based Encrypted Search: Pros & Cons
• (Almost) Zero overhead
  • Optimal search
• High functionality
  • Exact, range and Boolean search
• Legacy-friendliness
  • Recently solved - was unsolved for almost 20 years
But what about security?
STE Security: Snapshot Adversary
[Diagram: encrypted data structure shown at three points: no query, 1st query, 2nd query …]

STE Security: Persistent Adversary
[Diagram: encrypted data structure shown at three points: no query, 1st query, 2nd query …]
Note that the adversary does not learn the content, but the memory locations
STE Cryptanalysis
STE attacks: Snapshot adversary
’20 No known attack
STE attacks: Persistent adversary
’12 IKK attack [IKK12]
• Requires 95% knowledge of the user data
’15 Count attack [CGPR15]
• Requires 80% knowledge of the user data
’16 Range attack [KKNO16]
• Distribution assumptions
STE attacks: Active adversary
’16 File injection [ZKP16]
Query recovery - no data recovery
Tradeoffs: Performance vs. Security
[Plot: axes Performance and Leakage; points STE/SSE-based, PPE-based, FHE-based, ORAM-based, skFE-based, pkFE-based]

Tradeoffs: Functionality vs. Performance
[Plot: axes Performance and Functionality; points SK-FE-based, STE/SSE-based, PPE-based, FHE-based, ORAM-based, PK-FE-based]
Q: can encrypted search be deployed?

Why Isn’t Encrypted Search Deployed?

End-to-End Encryption: Messaging / Video
[Diagram labels: messaging, video]

Q: what about databases?
End-to-End Encryption: Databases
• PPE-based: Always Encrypted
• STE-based (coming soon): AROKI SYSTEMS
• PPE-based + Trusted hardware: 2019
Thank you!
@arokisystems
https://aroki.com
