Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Databases

Document 11742892

advertisement 
Using cryptography in databases and web applica4ons Nickolai Zeldovich MIT CSAIL Joint work with Raluca Ada Popa, Stephen Tu, Emily Stark, Jonas Helfer, Steven Valdez, Hari Balakrishnan, Frans Kaashoek, Sam Madden Problem: private data breaches clients server Secret Secret no computaJon storage encrypJon (encrypted files, email) Secret computaJon databases, web applicaJons, mobile applicaJons, machine learning, etc. ?? Common approach: prevent break-­‐ins server clients Secret Secret Enforced at many levels: operaJng system, hardware, network, programming language, … Bad guys find ways to break in •  Complex soTware has bugs –  AUackers find and exploit vulnerabiliJes •  Many people have access to infrastructure –  Server administrators –  Cloud / data center employees –  Anyone that breaks into their accounts •  Compromises are inevitable New approach: prac4cal processing of encrypted data server ?? client Result Secret Secret Strawman: Secret Secret CryptDB setup trusted client-­‐side plain query ApplicaJon decrypted results Proxy Stores schema and master key Ø  Minimal or no query execuJon Ø 
under aUack transformed query Database server encrypted DB encrypted results Secret Secret ApplicaJon Example SELECT * FROM emp
Randomized encrypJon (RND) -­‐ seman&c table1/emp Proxy SELECT * FROM table1
col1/rank col2/name col3/salary x4be219 60 x95c623 100 x2ea887 800 x17cea7 100 ApplicaJon Example SELECT * FROM emp
WHERE salary = 100
Proxy Randomized DeterminisJc encrypJon encrypJon (RND) (DET) table1/emp SELECT * FROM table1 col1/rank col2/name col3/salary WHERE col3 = x5a8c34
x934bc1
x4be219 x5a8c34
? x5a8c34
60 x5a8c34
x95c623 100 x84a21c
x2ea887 800 x5a8c34
x17cea7 100 Example ApplicaJon SELECT sum(salary)
FROM emp
“Summable” DeterminisJc encrypJon (HOM) -­‐ encrypJon (DET) semanJc table1 (emp) Proxy SELECT cdb_sum(col3) col1/rank col2/name col3/salary FROM table1
1060 x72295a
x934bc1
x9eab81
60 x5a8c34
x638e54
100 x84a21c
x122eb4
800 x5a8c34
x578b34
100 Example ApplicaJon SELECT sqrt(sum(salary))
FROM emp
table1 (emp) Proxy SELECT cdb_sum(col3) col1/rank col2/name col3/salary FROM table1
1060 x72295a
x934bc1
x9eab81
60 x5a8c34
x638e54
100 x84a21c
x122eb4
800 x5a8c34
x578b34
100 Example ApplicaJon SELECT sqrt(sum(salary))
FROM emp
32.55 table1 (emp) Proxy SELECT cdb_sum(col3) col1/rank col2/name col3/salary FROM table1
1060 x72295a
x934bc1
x9eab81
60 x5a8c34
x638e54
100 x84a21c
x122eb4
800 x5a8c34
x578b34
100 Techniques •  Compute on encrypted data at the server
–  Use SQL-aware set of efficient encryption schemes
–  Adjust encryption of data based on queries
•  Compute on decrypted data at the proxy
–  Can decrypt à can perform any computation
–  Choose optimal split to reduce bandwidth, proxy load SQL-­‐aware encryp4on schemes Security ≈ semanJc security Scheme ConstrucJon RND AES in UFE HOM Paillier SEARCH Song et al.,‘00 reveals only repeat paUern reveals only order DET JOIN OPE AES in CMC our new scheme our new scheme SQL operaJons: e.g., SELECT, data moving UPDATE, DELETE, INSERT, COUNT addiJon e.g., SUM, + FuncJon word search equality join order restricted ILIKE e.g., =, !=, IN, GROUP BY, DISTINCT e.g., >, <, ORDER BY, ASC, DESC, MAX, MIN, GREATEST, LEAST Onion of encryp4ons security + RND DET OPE value + funcJonality Adjust encrypJon: strip off layer of the onion CryptDB works well in prac4ce •  Supports many database applicaJons –  Web sites, transacJonal processing, data analyJcs –  Never reveals plaintext data on database server •  Modest performance overheads –  20-­‐30% throughput loss for typical benchmarks •  Approach now used by Google (among others) –  Encrypted BigQuery service Compromised app. server? users CryptDB applicaJon proxy DB server Secret CryptDB SQL queries on encrypted DB CryptDB proxy Compromised app. server? users Secret Secret Secret applicaJon CryptDB proxy CryptDB proxy DB server Secret Secret Secret Mylar: browser-­‐side encryp4on browser Secret Secret Secret web applicaJon Secret Secret DB server Secret Secret Decrypted data exists only in users’ browsers Challenge: computa4on in web applica4ons 1.  Client-­‐side applicaJon framework Ø  Most computaJon happens in client’s web browser (Javascript code) 2. Non client-­‐side computaJon: Ø 
Ø 
Data sharing – need a way to manage keys Keyword search – need new cryptosystem: documents encrypted with many keys Mylar supports many applica4ons •  Ported 6 applicaJons to Mylar •  Performance overheads are modest •  Data privacy despite server compromises Future research direc4ons •  PracJcal cryptography –  CompuJng on data encrypted w/ many keys –  DelegaJng limited funcJons over encrypted data •  PracJcal systems –  AudiJng for data disclosures –  ProtecJng end-­‐user computers
Related documents
25 Ways to Win With People
25 Ways to Win With People
The big secret in life is that there is no... secret. Whatever your goal, you can get there if
The big secret in life is that there is no... secret. Whatever your goal, you can get there if
GEMS—Codes and Ciphers Today we explored one kind of coding
GEMS—Codes and Ciphers Today we explored one kind of coding
Romeo and Juliet Postsecret
Romeo and Juliet Postsecret
UNDOING OPERATIONS Please do these problems in your Composition Notebooks!!!
UNDOING OPERATIONS Please do these problems in your Composition Notebooks!!!
Download
advertisement