ENCRYPTO HiWi Position: Implementing Attacks on Searchable Encryption
Motivation & Goal
As more and more user data is outsourced onto third-party cloud services, methods for protecting the privacy of users are receiving increasing attention from researchers as well as from industry. In particular, the cryptographic community has developed a range of efficient searchable encryption (SE) schemes, enabling users to search their encrypted data stored on a service provider's server. This protects the user's data and queries without compromising the functionality the service provides.
Many SE schemes leak some information that has been exploited by a broad range of attacks. These attacks demonstrate that, under some assumptions, leakage profiles can be abused to infer information about a user's underlying data or queries. However, these assumptions vary and are often tailored to benefit specific attacks. For instance, many attacks assume the user picks their queries uniformly at random. Most attacks are also only evaluated on a small number of specific datasets, limiting the evaluation on real-world data.
To provide a useful comparison between the attacks under different assumptions, distributions, and test data, the applicant's tasks consist of implementing selected SE attacks as well as evaluating them on specified test data to see how the attacks perform under real-world conditions. Building on this, the features of the provided implementations can then be extended to accommodate further attack scenarios.
The results emerging from this work are essential contributions to research papers that will be published at international top conferences.
- Good programming skills
- High motivation and creativity + ability to work independently
- Flexible working hours
- Experience with reading research papers is beneficial
- Knowledge of the English language goes without saying