Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Breaking Web Applications Built On Top of Encrypted Data

Association for Computing Machinery (ACM) via YouTube

Overview

Explore a conference talk from CCS 2016 that delves into the vulnerabilities of web applications built on encrypted data. Learn about the authors' contributions, the current state of web applications, and the proposed solution of data encryption. Examine a case study on Mylar, including attacks against it and the risks associated with metadata. Investigate active threat models, plaintext recovery attacks, and collusion with compromised clients. Gain insights into powerful attacks and their broader implications. Conclude with a discussion on defining security for multi-key searchable encryption (MKSE) in this 29-minute presentation by researchers from Cornell University, University of Texas at Austin, University of Southern California, and Cornell Tech.

Syllabus

Intro
Our contributions
Web applications today
Solution: encrypt the data!
Example: Cloud Drive
Multi-key searchable encryption
From crypto scheme to system?
BOPET case study: Mylar
Attacks against Mylar
"Snapshot passive" threat model
The risks of metadata
Example from Mylar paper
Bigger picture on metadata
Active threat model
Plaintext recovery attack
Collusion w/ compromised client
Experiments
Powerful attack
Bigger picture on active attacks
Conclusion
Defining security for MKSE

Taught by

ACM CCS

Reviews

Start your review of Breaking Web Applications Built On Top of Encrypted Data

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.