LEAKER

A framework for LEakage AttacK Evaluation on Real-world data

This framework allows for an easy evaluation of leakage attacks against encrypted search.

---

Included Attacks

Currently, LEAKER includes the following attacks:

• Range Attacks:
  • [LMP18]
  • [GLMP18]
  • [GLMP19]
  • [GJW19]
  • [KPT20]
  • [KPT21]
• Keyword Attacks:
  • [IKK12]
  • [CGPR15]
  • [BKM20]
  • [RPH21]
  • [NHP+21]
  • [DHP21]

---

Requirements

The framework has been written in Python 3.8. To install all requirements, you can use the requirements.txt file:

pip install -r requirements.txt

Additional steps are necessary for some attacks or optimizations:

• For GLMP to use graph-tool, you optionally can install python3-graph-tool and set the PYTHON_DIST_PACKAGES_DIRECTORY variable in api/constants.py appropriately.

• For ApproxOrder, pybind11 and PQ-trees need to be downloaded, slighlty modified, and built. A script that does this is automatically called if the requirements are met. To enable this, you need to give that script executable permissions:

  chmod +x leaker/pq-trees/compile_pq-trees.sh

• For speed ups to ARR and APA using numba, you need to ensure its dependencies are met on your system.

To install LEAKER on your system, run:

pip install -e .

Generating the documentation will require pdoc.

---

Structure

• data will be created by LEAKER to store indexed data and caches (in data/pickle and data/whoosh) as well as the output of evaluations (data/figures).
• data_sources is a folder to input in the raw data to be indexed by LEAKER. Our examples and evaluation scripts use it, but you can use any input directory with LEAKER.
• evaluations contains the scripts to replicate the experiments in our paper. The GOOGLE_README.txt contains the instructions given to the participants that evaluated attacks on their private Google data. leap_experiment.py contains the reproduction of the LEAP experiment.
• examples.py contains simple examples to show the usage of LEAKER.
• leaker contains the core LEAKER module.
• tests contains tests.

---

Usage

Refer to examples.py to see how to use LEAKER. First, you need to download/extract the raw data into a corresponding subdirectory of data_sources. Then, you can index this data source (necessary only once) and load it with LEAKER to perform evaluations.

To generate the documentation: enter pdoc --html leaker with LEAKER/ as the current working directory.

---

Acknowledgements

This framework has been developed by Nelson Brüchmann, Patrick Ehrler, Abdelkarim Kati, Johannes Leupold, Tobias Stöckert, Amos Treiber, and Michael Yonli.

The framework also uses code by Ruben Groot Roessink for its IKK attack optimization, which is located in the folder ikk_roessink and released under the license ikk_roessink/LICENSE.MD.