The rise of cloud computing has spurred a trend of transferring data storage and computational tasks to the cloud. To protect confidential information such as customer data and business details, it is essential to encrypt this sensitive data before cloud storage. Implementing encryption can prevent unauthorized access, data breaches, and the resultant financial loss, reputation damage, and legal issues. Moreover, to facilitate the execution of data mining algorithms on the cloud-stored data, the encryption needs to be compatible with domain computation. The $k$-nearest neighbor ($k$-NN) computation for a specific query vector is widely used in fields like location-based services. Sanyashi et al. (ICISS 2023) proposed an encryption scheme to facilitate privacy-preserving $k$-NN computation on the cloud by utilizing Asymmetric Scalar-Product-Preserving Encryption (ASPE). In this work, we identify a significant vulnerability in the aforementioned encryption scheme of Sanyashi et al. Specifically, we give an efficient algorithm and also empirically demonstrate that their encryption scheme is vulnerable to the ciphertext-only attack (COA).

翻译：云计算的兴起推动了数据存储与计算任务向云端迁移的趋势。为保护客户数据、商业细节等机密信息，在云端存储前对这些敏感数据进行加密至关重要。实施加密可防止未授权访问、数据泄露及其导致的财务损失、声誉损害和法律问题。此外，为支持在云端存储数据上执行数据挖掘算法，加密方案需具备域内计算兼容性。针对特定查询向量的$k$-最近邻（$k$-NN）计算广泛应用于基于位置的服务等领域。Sanyashi等人（ICISS 2023）提出了一种加密方案，通过利用非对称标量积保持加密（ASPE）在云上实现隐私保护的$k$-NN计算。本文发现了Sanyashi等人上述加密方案中的一个重大漏洞。具体而言，我们提出了一种高效算法，并通过实验证明其加密方案易受唯密文攻击（COA）威胁。