讲座题目：搜索加密及其被动攻击

讲座人：  梁开泰 博士

讲座时间： 10：10-11：30

讲座日期： 2017-10-11

地点：   长安校区文津楼三段6层622报告厅 

主办单位：太阳集团tcy8722网站

讲座内容简介：

    搜索加密允许用户在远端服务器上对数据进行隐私保护的查询。这种安全机制保证了数据的隐私性同时也防止服务器获取相应的查询内容。先前很多关于搜索加密的研究工作主要关注于搜索效率，然而允许一定程度的信息外漏。这些信息的外漏，在搜索加密上，应该被有效的进行测量，从而使我们能预判未来会遭受到哪种攻击。这个讲座将会介绍一种新的针对于搜索加密的被动攻击。基于某些被动的信息（服务器的先前知识和服务器在搜索中得到的知识），这种攻击能以较高的概率/准确率揭开搜索询问和搜索关键字之间的关系。

讲座人简介

梁开泰，男，1985年10月生，2014年毕业于香港城市大学计算机系，获博士学位（导师王石），2008年毕业于华南农业大学信息学院计算机应用技术专业，获理学硕士学位（导师杨波），2004年毕业于华南农业大学软件学院软件工程专业，获工学学士学位，2014年-2016年于芬兰阿尔托大学计算机系担任博士后（导师Kaisa Nyberg）。博士和博后期间，先后访问澳大利亚卧龙岗大学，新加坡I2R，University College London, Newcastle University, Sapienza University of Rome, KU LEUVEN, University of Padua等。曾参与芬兰国家自然科学基金，新加坡A*STAR，澳洲科研，香港及中国自然科学基金等项目。发表学术论文50余篇，其中SCI期刊20余篇，IEEE期刊10余篇。曾担任LNCS/ACM等国际会议的委员，多个国际会议及期刊的审稿人。主要研究方向是：应用密码学，隐私保护和信息安全。现于萨里大学计算机系担任讲师（助理教授）。

Abstract

      Searchable encryption (SE) provides a privacy-preserving mechanism for data user to search over encrypted data stored on a remote server. It guarantees the confidentiality of the outsourced data but also attempts to prevent the server from knowing ``what search queries are''. Many prior research works have designed SE schemes with high efficiency yet allowing some degree of leakage profile to the remote server. The leakage, however, should be further measured to allow us to understand what types of attacks an SE scheme would encounter. This talk presents a new type of attack, dubbed passive attack, which is only based on some ``passive'' knowledge, namely the prior knowledge of the server (before search) and the file-revealed pattern (leaked to the server during search). We state that the attack can reveal the relationship between search queries and the underlying keywords with high success rate, and thus violating the privacy of search queries.

Biography

      Liang Kaitai, male, born in October 1985. He received the Ph.D. degree in computer science (applied cryptography direction) at Department of Computer Science, City University of Hong Kong in October 2014. His main research interests are cybersecurity, privacy and security in information technology; in particular, cloud computing security, big data security, Internet of things, privacy enhancing technology and lightweight secure system. He is currently a lecturer (assistant professor) at Department of Computer Science, University of Surrey, U.K. Before joining Surrey, he was a post-doctoral researcher and a lecturer, at Department of Computer Science, Aalto University, and School of Computing, Mathematics and Digital technology, Manchester Metropolitan University, respectively. He has published more than 50 high tier papers in International security conferences (e.g. ESORICS) and journals (IEEE TIFS/TC). He has presented many academic talks in world-wide universities, e.g., KU LEUVEN (Belgium), Newcastle University (U.K.), University of Birmingham (U.K.), Nanyang Technological University, Japan Advanced Institute of Science and Technology, and Sapienza University of Rome. He also has been programme committee for International security conferences, such as ACNS, ASIACCS, and TrustCom.