CRYPTDB: PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING
RALUCA ADA POPA, CATHERINE M. S. REDFIELD, NICKOLAI ZELDOVICH, AND HARI BALAKRISHNAN
MIT CSAIL
Why
▸ Sep …: Equifax security breach leaks personal info of … million US consumers.
▸ …: … billion User Accounts of Yahoo …
▸ Apr …: Sony PlayStation Network … impacted … million personal information profiles.
▸ Jun …: Hackers extracted … million hashed passwords from the … LinkedIn.
Possible attacks
Goal
▸ Fast: Real-world performance
▸ Safe: Meaningful security
▸ Easy: Large class of real applications
Challenge
▸ Query all the employees whose salary is greater than $60,000
Employee Table:
Name     Salary    Age
Alice    70,000    23
Bob      50,000    25
……       ……        ……

Encrypted Employee Table:
gd58i9   s9i4j3e   2ki9o0
x638e5   x1eab8    x98f73
x922eb   x638e5    x73b41
……       ……        ……
Challenge
▸ For original database
▸ SELECT * FROM Employee WHERE salary > 60000
▸ For encrypted database
▸ SELECT * FROM Employee WHERE s9i4j3e > ?%#$&
▸ Sum
▸ Equality
▸ Order
▸ ……
Challenge
▸ Using fully homomorphic encryption (FHE) [Gentry’09]
  ▸ For any op(i1, i2, …, in) = r ⇔ op(fhe(i1), fhe(i2), …, fhe(in)) = fhe(r)
  ▸ Prohibitively slow, e.g., slowdown ×1,000,000,000
▸ Using a strong and efficient cryptosystem such as AES
  ▸ Need to give the DBMS server access to the decryption key
Challenge
▸ How to minimize the amount of data leaked in such cases?
▸ How to ensure that a compromised application can obtain only a limited amount of decrypted data?
Two Threats
▸ An original architecture
[Diagram: User 1, User 2 and User 3 use the Application, which sends SQL to the DB Server.]
Threat 1: DBMS Compromise
[Diagram: An original architecture - passive DB server attacks. Users' computers (User 1, User 2, User 3), application server (Application) and DBMS server (DB Server) connected by SQL. The DBMS server is labelled "Encrypted Data!" and "Threat 1: passive DB server attacks".]
Threat 1: DBMS Compromise
▸ CryptDB Proxy: holds the master key, the schema, and how the DB is encrypted
▸ The proxy transforms the plain query and decrypts the encrypted results returned by the DB
[Diagram: Architecture with CryptDB Proxy Server. Users' computers (User 1, User 2, User 3), application server (Application), CryptDB Proxy Server (labelled "Trusted!") and DBMS server (DB Server with CryptDB UDFs, labelled "Encrypted Data!"). Plain query and decrypted results pass between the application and the proxy; transformed query and encrypted results pass between the proxy and the DB server. Threat 1: passive DB server attacks.]
Threat 1: DBMS Compromise
Guarantee:
1. Confidentiality for data content and names of columns, tables.
2. Does not hide overall table structure, number of rows, type of columns, etc.
Confidentiality level? Depends on the application:
1. If the application requests no relational predicate filtering on a column: nothing leaks 😃
2. If the application requests an equality check: reveals histogram 😐
3. If the application requests an order check: reveals order 😟
DROP DATABASE Midterm_Grades; 🤦🤷
Threat 2: Arbitrary Threats
[Diagram: Architecture with CryptDB Proxy Server. Users' computers (User 1, User 2, User 3), application server (Application), CryptDB Proxy Server and DBMS server (DB Server with CryptDB UDFs), with transformed query and encrypted results passing between the proxy and the DB server. Labels: "Threat 1: passive DB server attacks", "Threat 2: any attacks on all servers", "Key Setup", "Active: key1", "Annotated Schema", "Encrypted Key Table".]
Express finer-grained confidentiality policies: encrypt data also with user keys!
… So only user1 can be attacked now.
Still does not protect the user side.
SQL-aware Encryption
▸ CryptDB uses a number of existing cryptosystems:
  ▸ Random (RND): RND provides the maximum security. Even two equal values are mapped to different ciphertexts with overwhelming probability.
  ▸ Deterministic (DET): DET has a slightly weaker guarantee. This encryption layer allows the server to perform equality checks.
  ▸ Order-preserving encryption (OPE): OPE allows order relations between data items to be established based on their encrypted values, without revealing the data itself.
  ▸ Homomorphic encryption (HOM), Join (JOIN and OPE-JOIN), word search (SEARCH), etc.
Adjustable Query-based Encryption
▸ Each value is dressed in layers of increasingly stronger encryption
▸ Each layer of each onion enables certain kinds of functionality
▸ Multiple onions are needed for compatibility and performance
▸ The proxy strips off the onion layers to allow different operations
▸ The proxy never decrypts the data past the least-secure encryption onion layer
EXAMPLE (FROM THE AUTHORS’ SLIDES):
▸ SELECT * FROM emp WHERE rank = 'CEO';

emp (columns: rank, name, salary); rank values shown: 'CEO', 'worker'

Onion Equality for 'CEO' (layers, innermost to outermost): JOIN, DET, RND

table 1:
col1-OnionEq   col1-OnionOrder   col1-OnionSearch   col2-OnionEq   …
RND            RND               SEARCH             RND            …
RND            RND               SEARCH             RND            …
EXAMPLE (CONT’D)
▸ SELECT * FROM emp WHERE rank = 'CEO';
▸ UPDATE table1 SET col1-OnionEq = Decrypt_RND(key, col1-OnionEq);
▸ SELECT * FROM table1 WHERE col1-OnionEq = xda5c0407;

Onion Equality for 'CEO' (layers, innermost to outermost): JOIN, DET

table 1:
col1-OnionEq   col1-OnionOrder   col1-OnionSearch   col2-OnionEq   …
DET            RND               SEARCH             RND            …
DET            RND               SEARCH             RND            …
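
The RND-to-DET adjustment in this example, together with the "equality check: reveals histogram" point under Threat 1, as an added Python example that is not CryptDB's code or the authors'. HMAC-SHA256 constructions stand in for the real ciphers, the JOIN layer is omitted, and the `Server` and `Proxy` classes, the key derivation and the sample rows are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter


def _stream(key, nonce, n):
    """n keystream bytes: HMAC-SHA256 as a PRF in counter mode (stand-in cipher)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rnd_encrypt(key, pt):
    """RND layer: fresh random IV per value, so equal plaintexts differ."""
    iv = os.urandom(16)
    return iv + _xor(pt, _stream(key, iv, len(pt)))


def rnd_decrypt(key, ct):
    return _xor(ct[16:], _stream(key, ct[:16], len(ct) - 16))


def det_encrypt(key, pt):
    """DET layer: the IV is a MAC of the plaintext, so equal plaintexts match."""
    siv = hmac.new(key + b"|mac", pt, hashlib.sha256).digest()[:16]
    return siv + _xor(pt, _stream(key + b"|enc", siv, len(pt)))


def det_decrypt(key, ct):
    return _xor(ct[16:], _stream(key + b"|enc", ct[:16], len(ct) - 16))


class Server:
    """Untrusted DBMS: stores ciphertexts and runs what the proxy sends."""

    def __init__(self):
        self.col1_onion_eq = []  # table1.col1-OnionEq

    def udf_decrypt_rnd(self, key):
        # UPDATE table1 SET col1-OnionEq = Decrypt_RND(key, col1-OnionEq);
        self.col1_onion_eq = [rnd_decrypt(key, c) for c in self.col1_onion_eq]

    def select_eq(self, const):
        # SELECT * FROM table1 WHERE col1-OnionEq = <const>;
        return [i for i, c in enumerate(self.col1_onion_eq) if c == const]

    def observed_histogram(self):
        """Repeat counts of stored values: what a passive attacker can see."""
        return sorted(Counter(self.col1_onion_eq).values(), reverse=True)


class Proxy:
    """Trusted proxy: holds the master key and tracks the column's outer layer."""

    def __init__(self, server, master_key):
        self.server, self.mk, self.layer = server, master_key, "RND"

    def _key(self, layer):
        # Assumed derivation: one key per (table, column, onion, layer).
        label = f"table1.col1.Eq.{layer}".encode()
        return hmac.new(self.mk, label, hashlib.sha256).digest()

    def insert(self, rank):
        det = det_encrypt(self._key("DET"), rank.encode())
        self.server.col1_onion_eq.append(rnd_encrypt(self._key("RND"), det))

    def select_where_rank_eq(self, rank):
        if self.layer == "RND":  # strip RND once, only when a query needs equality
            self.server.udf_decrypt_rnd(self._key("RND"))
            self.layer = "DET"
        const = det_encrypt(self._key("DET"), rank.encode())
        return self.server.select_eq(const)

    def read_rank(self, row):
        ct = self.server.col1_onion_eq[row]
        if self.layer == "RND":
            ct = rnd_decrypt(self._key("RND"), ct)
        return det_decrypt(self._key("DET"), ct).decode()


def demo():
    server = Server()
    proxy = Proxy(server, master_key=b"constructed-demo-master-key")
    for rank in ["CEO", "worker", "worker", "worker"]:  # constructed sample rows
        proxy.insert(rank)
    before = server.observed_histogram()      # under RND: every value unique
    rows = proxy.select_where_rank_eq("CEO")  # triggers the RND -> DET adjustment
    after = server.observed_histogram()       # under DET: equal ranks collide
    return {"before": before, "rows": rows, "after": after,
            "layer": proxy.layer, "ranks": [proxy.read_rank(r) for r in rows]}


if __name__ == "__main__":
    print(demo())
```

The stand-in ciphers do not pad, so ciphertext length also distinguishes 'CEO' from 'worker' here.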
System design
▸ So far the first threat is solved.
▸ What if the proxy and application are also untrusted?
[Diagram: the Application sends a query through the SQL interface to the CryptDB Proxy and receives results; the proxy sends the transformed query to the Server (unmodified DBMS plus CryptDB SQL UDFs, i.e. user-defined functions) and receives encrypted results.]
![Page 61: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/61.jpg)
Application protection
DB ServerSQLProxyApplication
User 1
User 2
User 3
![Page 62: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/62.jpg)
Application protection
DB ServerSQLProxyApplication
User 1
User 2
User 3
![Page 63: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/63.jpg)
Application protection
DB ServerSQLProxyApplication
User 1
User 2
User 3
![Page 64: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/64.jpg)
Application protection
DB ServerSQLProxyApplication
User 1
User 2
User 3
![Page 65: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/65.jpg)
Application protection
DB ServerSQLProxyApplication
User 1
User 2
User 3
![Page 66: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/66.jpg)
Application protection
▸ Protect data of logged-out users.
DB ServerSQLProxyApplication
User 1
User 2
User 3
![Page 67: RALUCA ADA POPA, CATHERINE M. S ... - zoo.cs.yale.edu · CRYPTDB:PROTECTING CONFIDENTIALITY WITH ENCRYPTED QUERY PROCESSING ... security Easy Large class of ... Users Computer …](https://reader031.vdocuments.us/reader031/viewer/2022022520/5b1bd5c07f8b9a37258f21be/html5/thumbnails/67.jpg)
Application protection
▸ Protect data of logged-out users.
▸ Leaking data of active users is unavoidable.
[Diagram: DB Server, SQL, Proxy, Application; User 1, User 2, User 3]
Data sharing
➢ Access control is easy if proxy has all the keys
[Diagram: data, Proxy, User 1, User 2]
➢ But we want to protect the data of logged out users
[Diagram: data, Proxy, User 1, User 2]
Policy Annotations —— Define Privileges and Access Controls
Principal: entities such as users, groups, or messages
• Internal: Delegation
  Privileges are restricted by the delegation rules in DB table
• External: End user who logs in with password
  Privileges are obtained through proxy after providing password.
▸ Annotation: developer specified
▸ ENC_FOR: which columns hold secrets and which principals have access to those secrets.
▸ SPEAKS_FOR: if A speaks for B, then A has access to all keys B has access to
Key Chaining —— handling the access control keys
Four special tables in DB for access control
Access_keys table
• Common symmetric key for principals that are all active
Public_keys table
• Asymmetric key for inactive principals
External_keys table
• Random key generated by principal password indicating its privilege
Cryptdb_active table
• Indicating whether principal is active, remove its key if not
Internal Principal
External Principal
• Internal Principal
1. Symmetric key: Say A speaks for B and B is active; then B’s symmetric key is encrypted using A’s symmetric key.
2. Asymmetric key: Say A sends a message to B, but B is offline. CryptDB looks up B’s public key in the table; what is encrypted with it can only be decrypted with B’s private key.
• External Principal
1. Random key: When logged in, external principals are assigned a random key. When logged out, the keys related to that principal are removed.
Chaining Behavior
▸ A speaks for B: B’s key is encrypted by A’s key and stored in a DB table
▸ B speaks for C: C’s key is encrypted by B’s key and stored in a DB table
When A wants to get C’s key and retrieve its principal (sensitive message)
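The chaining and login/logout behaviour described above, as an added example that is not code from the slides or from CryptDB: a proxy model that keeps only wrapped keys in two dicts standing in for the external_keys and access_keys tables, walks speaks-for edges from a logged-in user, and loses the chain at logout. The HMAC-based `wrap`, the PBKDF2 password key, the class, method and principal names, and the sample credentials are assumptions; the public-key path for offline principals is left out.

```python
import hashlib
import hmac
import os


def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as keystream: stdlib stand-in for a block cipher.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def wrap(kek, data):
    """Encrypt-then-MAC data under kek; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(kek, nonce, len(data))))
    tag = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(kek, blob):
    """Inverse of wrap(); raises ValueError on a wrong key or a modified entry."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered entry")
    return bytes(a ^ b for a, b in zip(ct, _stream(kek, nonce, len(ct))))


class KeyChainProxy:
    # Hypothetical model of the proxy; the first two dicts stand in for DB tables.
    def __init__(self):
        self.external_keys = {}  # user -> (salt, user key wrapped under password key)
        self.access_keys = {}    # (speaker, subject) -> subject key wrapped under speaker key
        self.active = {}         # proxy memory only: keys of logged-in users

    @staticmethod
    def _password_key(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, user, password):
        salt = os.urandom(16)  # the user's random key is stored only in wrapped form
        self.external_keys[user] = (salt, wrap(self._password_key(password, salt), os.urandom(32)))

    def login(self, user, password):
        salt, wrapped = self.external_keys[user]
        self.active[user] = unwrap(self._password_key(password, salt), wrapped)

    def logout(self, user):
        self.active.pop(user, None)  # chains that start at this user are now unreachable

    def key_of(self, principal, _seen=frozenset()):
        """Walk speaks-for edges back to a logged-in user; None if no chain exists."""
        if principal in self.active:
            return self.active[principal]
        seen = _seen | {principal}  # guards against cycles in the delegation graph
        for (speaker, subject), wrapped in self.access_keys.items():
            if subject == principal and speaker not in seen:
                speaker_key = self.key_of(speaker, seen)
                if speaker_key is not None:
                    return unwrap(speaker_key, wrapped)
        return None

    def _require(self, principal):
        key = self.key_of(principal)
        if key is None:
            raise PermissionError(f"no key chain from an active user to {principal}")
        return key

    def speaks_for(self, speaker, subject):
        """Record 'speaker speaks for subject': wrap subject's key under speaker's."""
        speaker_key = self._require(speaker)
        known = subject in self.external_keys or any(s == subject for _, s in self.access_keys)
        # A new internal principal gets a fresh key; an existing one must be reachable now.
        subject_key = self._require(subject) if known else os.urandom(32)
        self.access_keys[(speaker, subject)] = wrap(speaker_key, subject_key)

    def encrypt_for(self, principal, plaintext):
        return wrap(self._require(principal), plaintext)

    def decrypt_for(self, principal, blob):
        return unwrap(self._require(principal), blob)


def demo():
    # Constructed principals and credentials, for illustration only.
    p = KeyChainProxy()
    p.register("user:alice", "correct horse")
    p.register("user:bob", "battery staple")
    p.login("user:alice", "correct horse")
    p.speaks_for("user:alice", "group:5")   # A speaks for B
    p.speaks_for("group:5", "msg:17")       # B speaks for C
    blob = p.encrypt_for("msg:17", b"secret text")
    online = p.decrypt_for("msg:17", blob)  # alice -> group:5 -> msg:17
    p.logout("user:alice")
    p.login("user:bob", "battery staple")   # active, but no chain to msg:17
    offline = p.key_of("msg:17")
    return p, blob, online, offline
```

After `demo()` returns, everything left in `external_keys` and `access_keys` is wrapped, so a snapshot of those tables plus the proxy's memory yields the key of `msg:17` only while a user with a chain to it is logged in.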
EXPERIMENTAL EVALUATION
▸ Application Changes
▸ Functional Evaluation
▸ Security Evaluation
▸ Performance Evaluation
Application Changes
| Application | Annotations | Login/logout code | Sensitive fields secured, and examples of such fields |
|---|---|---|---|
| phpBB | 31 (11 unique) | 7 lines | 23: private messages (content, subject), posts, forums |
| HotCRP | 29 (12 unique) | 2 lines | 22: paper content and paper information, reviews |
| grad-apply | 111 (13 unique) | 2 lines | 103: student grades (61), scores (17), recommendations, reviews |
| TPC-C (single princ.) | 0 | 0 | 92: all the fields in all the tables encrypted |
Functional Evaluation
| Application | Total cols. | Consider for enc. | Needs plaintext |
|---|---|---|---|
| phpBB | 563 | 23 | 0 |
| HotCRP | 204 | 22 | 0 |
| grad-apply | 706 | 103 | 0 |
| OpenEMR | 1297 | 566 | 7 |
| MIT 6.02 | 15 | 13 | 0 |
| PHP-calendar | 25 | 12 | 2 |
| TPC-C | 92 | 92 | 0 |
| Trace from sql.mit.edu | 128840 | 128840 | 1094 |
| ... with in-proxy processing | 128840 | 128840 | 571 |
| ... col. name contains pass | 2029 | 2029 | 2 |
| ... col. name contains content | 2521 | 2521 | 0 |
| ... col. name contains priv | 173 | 173 | 0 |
Non-plaintext cols. with MinEnc
| Application | RND | SEARCH | DET | OPE |
|---|---|---|---|---|
| phpBB | 21 | 0 | 1 | 1 |
| HotCRP | 18 | 1 | 1 | 2 |
| grad-apply | 95 | 0 | 6 | 2 |
| OpenEMR | 526 | 2 | 12 | 19 |
| MIT 6.02 | 7 | 0 | 4 | 2 |
| PHP-calendar | 3 | 2 | 4 | 1 |
| TPC-C | 65 | 0 | 19 | 8 |
| Trace from sql.mit.edu | 80053 | 350 | 34212 | 13131 |
| ... with in-proxy processing | 84008 | 398 | 35350 | 8513 |
| ... col. name contains pass | 1936 | 0 | 91 | 0 |
| ... col. name contains content | 2215 | 52 | 251 | 3 |
| ... col. name contains priv | 159 | 0 | 12 | 2 |
EXPERIMENT ENVIRONMENT
▸ 2.4GHz Intel Xeon E5620 4-core processor
▸ 12 GB RAM
▸ MySQL 5.1.54 server
▸ eight 2.4GHz AMD Opteron 8431 6-core processors
▸ 64GB RAM
Performance Evaluation
[Figure: queries/sec (axis 0 to 50000) against number of server cores (1 to 8); series: MySQL, CryptDB]
DRAWBACKS
▸ More storage
▸ Multiple onions for the same field
▸ Ciphertexts are larger than plaintexts for some encryption schemes
▸ CryptDB cannot perform server-side computations on values encrypted for different principals because the ciphertexts are encrypted with different keys.
▸ There are certain computations CryptDB cannot support on encrypted data
▸ For example, it does not support both computation and comparison on the same column, such as WHERE salary > age*2+10.
▸ Removing an onion layer is bottlenecked by the speed at which the DBMS server can copy a column from disk for disk-bound databases