Searchable Encryption (SE) is a type of secure tool that enables a client to outsource its encrypted data to an honest-but-curious server and further performs the dynamic update and keyword search over the ciphertexts. The client is allowed to locally maintain a secret key that is used to issue data update queries to the server for ciphertext addition and deletion, but also to generate a secure trapdoor for search queries. DSSE has been widely deployed in real-world applications, such as Lookout, bitglass, Cossack Labs' Acra, and MVISION Cloud, providing secure queries over encrypted cloud-based data.
In this talk, we will show a security risk, key compromise – which has not been considered yet – for all existing SE systems. Once the key of a client is exposed to network attackers, all the design efforts spent on encryption and secure search mechanisms will be in vain. We will also explore potential countermeasures to address the risk.