CryptDB

Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. CryptDB can also chain encryption keys to user passwords, so that a data item can be decrypted only by using the password of one of the users with access to that data. As a result, a database administrator never gets access to decrypted data, and even if all servers are compromised, an adversary cannot decrypt the data of any user who is not logged in. An analysis of a trace of 126 million SQL queries from a production MySQL server shows that CryptDB can support operations over encrypted data for 99.5% of the 128,840 columns seen in the trace. Our evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Chaining encryption keys to user passwords requires 11-13 unique schema annotations to secure more than 20 sensitive fields and 2-7 lines of source code changes for three multi-user web applications.

Impact

SAP AG's system SEEED SAP AG developed a system called SEEED, which implements CryptDB's design on top of their HANA database system. SEEED uses most of the building blocks of CryptDB as well as the adjustable encryption (onion) strategy. Here are some references: Project SEEED, white paper.

Google's Encrypted BigQuery Google has developed an experimental extension of the BigQuery client, known as Encrypted BigQuery, which was informed and motivated by the CryptDB paper. It offers client-side encryption for a subset of query types, using encryption building blocks similar to the RND, HOM, and DET used in CryptDB. Their code is available here.





Lincoln Laboratory Lincoln Labs added the CryptDB design on top of their D4M Accumulo no-SQL engine (using the RND, DET, OPE and HOM building blocks). Microsoft's Always Encrypted SQL Server Microsoft's Always Encrypted SQL Server enables administrators to encrypt columns with RND and DET. Before this service, the database in the SQL Server was in plaintext during processing. Some applications can support a lot of fields with RND and a set of other fields with DET, thus giving a significant security increase as compared to no encryption for these fields. The service is now distributed as part of the SQL Server. The authors of Microsoft's Cipherbase system led this effort; Cipherbase is a successor of CryptDB which enhances CryptDB with trusted hardware support for queries not supported on encryption.



Skyhigh Networks Skyhigh networks seems to be using most of the encryption building blocks in CryptDB. Skyhigh discusses these schemes here. sql.mit.edu

sql.mit.edu is a SQL server at MIT hosting many MIT-ran applications. Volunteering users of Wordpress switched to running Wordpress through CryptDB, using our source code.



Startups based on CryptDB Privic, a startup in Silicon Valley, and Cryptonor, a startup in Europe, are both based on CryptDB's design. CryptonorDB targets no-SQL databases.

Press