1 / 22

CryptDB : Processing Queries on an Encrypted Database

CryptDB : Processing Queries on an Encrypted Database. Raluca Ada Popa Catherine M.S. Redfield Nickolai Zeldovich Hari Balakrishman. Presented By: Jeremy Winters. Agenda. Need Threat Model Implementation Types of Encryption and Onions Query Processing Experimental Evaluation

maja
Download Presentation

CryptDB : Processing Queries on an Encrypted Database

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CryptDB: Processing Queries on an Encrypted Database Raluca Ada Popa Catherine M.S. Redfield NickolaiZeldovich HariBalakrishman Presented By: Jeremy Winters

  2. Agenda • Need • Threat Model • Implementation • Types of Encryption and Onions • Query Processing • Experimental Evaluation • Performance Evaluation • Summary

  3. Need “…in a recent attack on the Sony Playstation Network, attackers apparently gained access to about 77 million personal user profiles, some of which included credit card information.”

  4. Threat Model

  5. CryptDB • Passive Attacks • Compromised hardware • System Administrators • Cloud solutions

  6. Implementation

  7. Implementation • 3 Components • Application • Proxy • DBMS

  8. Encryption Types

  9. Encryption Types • Random (RND) • Maximum security • Deterministic (DET) • Plaintext results in consistent ciphertext • Order-Preserving Encryption (OPE) • 100 < 200 | 4ex5d < 7gfa3

  10. Encryption Types • Homomorphic Encryption (HOM) • Math functions (ex. Addition) • Join (JOIN and OPE-JOIN) • Equality Joins • Word Search (SEARCH) • LIKE

  11. Goal ‘Our goal is to use the most secure encryption schemes that enable running the requested queries.’

  12. Onions • Data Sensitivity • Use in Queries

  13. Query Processing

  14. Query Processing Steps • Application issues query, intercepted by proxy and rewritten. • If necessary, adjust column encryption level. • Proxy sends encrypted query to DBMS for execution. • Encrypted result returned, proxy decrypts, returns to application.

  15. Query Processing

  16. Experimental Evaluation

  17. Experimental Evaluation

  18. Performance Evaluation

  19. Performance Evaluation .60ms (~ 26%) performance degradation in queries issued per second. 24% mysql-proxy 23% encryption / decryption 53% parsing and processing queries

  20. Summary

  21. CryptDB • CryptDB utilizes several encryption technologies to take steps to secure data within your client/server applications from passive attacks. • More secure that encryption provided by DBMS. DBMS decrypts data to perform queries. • Supports most relational queries – not all. Further research is being done here.

  22. Questions?

More Related