Slashdot Mirror


MIT Software Allows Queries On Encrypted Databases

Sparrowvsrevolution writes "CryptDB, a piece of database software that MIT researchers presented at the Symposium on Operating System Principles in October, allows users to send queries to an encrypted SQL database and get results without decrypting the stored information. CryptDB works by nesting data in several layers of cryptography (PDF), each of which has a different key and allows a different kind of simple operation on encrypted data. It doesn't work with every kind of calculation, and it's not the first system to offer this sort of computation on encrypted data. But it may be the only practical one. A previous crypto scheme that allowed operations on encrypted data multiplied computing time by a factor of a trillion. This one adds only 15-26%."
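The layering the summary describes, sketched as an added example that is not code from the article, the paper or CryptDB: a deterministic inner layer that permits equality matching is wrapped in a randomized outer layer, each under its own key. It assumes the client releases only the outer key when an equality query arrives. The HMAC-based stream cipher and all function names are stand-ins chosen so the sketch runs on the Python standard library alone.

```python
import hashlib, hmac, os

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (assumption, stdlib only).
    stream = b"".join(_prf(key, b"K", nonce + i.to_bytes(4, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def det_encrypt(key, pt):
    # Inner layer: nonce derived from the plaintext, so equal values
    # yield equal ciphertexts and the server can test equality.
    tag = _prf(key, b"T", pt)[:16]
    return tag + _xor_stream(key, tag, pt)

def det_decrypt(key, ct):
    pt = _xor_stream(key, ct[:16], ct[16:])
    if not hmac.compare_digest(ct[:16], _prf(key, b"T", pt)[:16]):
        raise ValueError("DET ciphertext failed integrity check")
    return pt

def rnd_encrypt(key, pt):
    # Outer layer: fresh random nonce, so equal values look unrelated.
    nonce = os.urandom(16)
    return nonce + _xor_stream(key, nonce, pt)

def rnd_decrypt(key, ct):
    return _xor_stream(key, ct[:16], ct[16:])

def client_store(k_det, k_rnd, value):
    # Client side: wrap the value in both layers before it leaves the client.
    return rnd_encrypt(k_rnd, det_encrypt(k_det, value))

def server_peel(column, k_rnd):
    # Runs on the server once the client releases only the outer key.
    return [rnd_decrypt(k_rnd, c) for c in column]

def server_select_eq(det_column, token):
    # Equality match on ciphertexts; the server never holds k_det.
    return [i for i, c in enumerate(det_column) if hmac.compare_digest(c, token)]

if __name__ == "__main__":
    k_det, k_rnd = os.urandom(32), os.urandom(32)
    names = [b"alice", b"bob", b"alice"]  # constructed sample column
    column = [client_store(k_det, k_rnd, n) for n in names]
    print("outer layer hides equality:", column[0] != column[2])
    peeled = server_peel(column, k_rnd)
    print("rows matching 'alice':", server_select_eq(peeled, det_encrypt(k_det, b"alice")))
```

Once the outer layer is peeled, the server learns which rows hold equal values but still cannot read them; that equality leakage is the price of the operation.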

7 of 68 comments

  1. Re:MIT is overrated by Anonymous Coward · Score: 4, Funny

    Mine too... Perhaps AC isn't the way to go.

  2. Re:Why? by Niobe · Score: 4, Informative

    Reasons I can surmise:
    1 no decryption operation required on server
    2 the data can stay encrypted in transit
    1+2 = more security than on-disk encryption

  3. a little bit strong claim by Trepidity · Score: 4, Informative

    This is not really the first practical such system, nor have all previous systems been a trillion times slower. As seems to be a pattern with MIT press releases, the press release makes exaggerated claims, but the paper itself is actually quite good and gives proper credit where it's due, discussing a number of previous systems that implement related functionality, and some existing algorithms from the literature that they borrow and implement directly in CryptDB.

    1. Re:a little bit strong claim by Anonymous Coward · Score: 5, Insightful

      It's a fundamental tension between the scientists and the PR departments. I see this where I work (at a DoE national lab). Basically, we scientists publish cool results, and submit them to the PR department as candidates for press releases. The PR department of course tries to jazz it up as much as they can. So we go back-and-forth with them for a bit, trying to compromise on something that isn't factually wrong while still being accessible to the general public, and giving people a good feel for why our work is important.

      Then the press release is interpreted by media outlets, which dumb it down even more and stretch the claims even further. After even just 2 or three levels of this, honest sensible papers turn into grandiose hyperbole. A nice theoretical result on metamaterials becomes "scientists invent invisibility cloak"; work on new semiconductors becomes "world's fastest transistor"; and a paper on tentative correlations between X and Y becomes "X causes Y!" Believe me when I say that most scientists are embarrassed when they see their results exaggerated and misinterpreted like this.

      This is not meant to excuse such behavior. Some PR departments are better than others. At some institutes there is too much pressure from on-high to be seen in the media as being innovative, revolutionary, and all those other buzzwords. But at the end of the day, scientists have to have the courage (and the authority) to prevent press releases from going out that are so stretched as to be factually incorrect.

  4. Re:Why? by Anonymous Coward · Score: 5, Informative

    Because you want to run your database in the Cloud(tm) for reliability purposes, and you don't want the provider to peek at your data.

  5. Re:Why? by Rary · Score: 5, Informative

    Why not just encrypt the database files on HDD and memory directly? That way database can still act really fast and you can use any existing database software.

    A few key phrases from TFA: "...a trick that keeps the info safe from hackers, accidental loss and even snooping administrators ... a useful trick if you need to perform operations on health care or financial data in a situation like cloud computing, where the computer (or the IT administrator) doing the calculations can’t always be trusted to access the private numbers being crunched".

    --

    "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

  6. Re:Why? by Kaz Kylheku · Score: 4, Insightful

    Sorry, I don't see how that helps. The idea is that no program on the database server has the key to actually decrypt the data.

    The problem isn't only that you don't trust the network in between, but that you don't trust the database server admins.