Numerous studies have underscored the significant privacy risks associated with various leakage patterns in encrypted data stores. Most existing systems that conceal leakage either (1) incur substantial overheads, (2) address only specific subsets of leakage patterns, or (3) apply the same security notion across all workloads, thereby impeding fine-tuned privacy-efficiency trade-offs. In light of these detrimental leakage patterns, this paper starts with an investigation into which specific leakage patterns require attention in the key-value, range-query, and dynamic workload settings, respectively. Subsequently, we introduce new security notions tailored to the specific privacy requirements of these workloads. Accordingly, we present SWAT, an efficient construction that progressively enables these workloads while provably mitigating system-wide leakage via a suite of algorithms with tunable privacy-efficiency trade-offs. We conducted extensive experiments and compiled a detailed result analysis, showing the efficiency of our solution. SWAT is about $10.6\times$ slower than an encryption-only data store that reveals various leakage patterns and is $31.6\times$ faster than a trivially zero-leakage solution. Meanwhile, the performance of SWAT remains highly competitive compared to other designs that mitigate specific types of leakage.