Title :
SSARES: Secure Searchable Automated Remote Email Storage
Author :
Aviv, Adam J. ; Locasto, Michael E. ; Potter, Shaya ; Keromytis, Angelos D.
Author_Institution :
Univ. of Pennsylvania, Philadelphia
Abstract :
The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present secure searchable automated remote email storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of identity based encryption and bloom filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient.
Keywords :
data integrity; electronic mail; public key cryptography; remote procedure calls; storage management; SSARES; bloom filters; confidentiality loss; end-to-end encryption; integrity loss; networked services centralization; privacy-preserving search; public-key encryption; secure searchable automated remote email storage; Computer science; Computer security; Cryptography; Filters; Identity-based encryption; Network servers; Protection; Public key; Secure storage; Storage automation;
Conference_Titel :
Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual
Conference_Location :
Miami Beach, FL
Print_ISBN :
978-0-7695-3060-4
DOI :
10.1109/ACSAC.2007.30