Revisiting Security Risks of Asymmetric ScalarProduct Preserving Encryption and Its Variants
Weipeng Lin, Ke Wang, Zhilin Zhang and Hong Chen
Simon Fraser Univeristy, Simon Fraser University, Simon Fraser University, Renmin University of China

Cloud computing has emerged as a compelling vision for managing data and delivering query answering capability over the internet. This new way of computing also poses a real risk of disclosing confidential information to the cloud. Searchable encryption addresses this issue by allowing the cloud to compute the answer to a query based on the ciphertexts of data and queries. Thanks to its inner product preservation property, the asymmetric scalar-product-preserving encryption (ASPE) has been adopted and enhanced in a growing number of works to perform a variety of queries and tasks in the cloud computing setting. However, the security property of ASPE and its enhanced schemes has not been studied carefully. In this paper, we show a complete disclosure of ASPE and several previously unknown security risks of its enhanced schemes. Meanwhile, efficient algorithms are proposed to learn the plaintext of data and queries encrypted by these schemes with little or no knowledge beyond the ciphertexts. We demonstrate these risks on real data sets.