Confidential Databases Without Cryptographic Mappings
Wenxuan Huang, Zhanbo Wang, Mingyu Li

TL;DR
FEDB introduces a cryptography-free approach for confidential databases, significantly reducing runtime overhead and enabling more efficient secure data management in untrusted cloud environments.
Contribution
The paper proposes crypto-free mappings that remove cryptographic operations from the critical path, improving the performance of confidential databases.
Findings
Runtime overhead reduced by up to 78x on industry benchmarks.
Maintains data security with data-independent identifiers.
Supports secure queries over sensitive data in untrusted environments.
Abstract
Confidential databases (CDBs) are essential for enabling secure queries over sensitive data in untrusted cloud environments using confidential computing hardware. While adoption is growing, widespread deployment is hindered by high performance overhead from frequent synchronous cryptographic operations, which causes significant computational and memory bottlenecks. We present FEDB, a novel CDB design that removes cryptographic operations from the critical path. FEDB leverages crypto-free mappings, which maintain data-independent identifiers within the database while securely mapping them to plaintext secrets in a trusted domain. This paradigm shift reduces the runtime overhead by up to 78.0 times on industry-standard benchmarks including TPC-C and TPC-H.
Taxonomy
Topics: Cryptography and Data Security · Security and Verification in Computing · Cryptographic Implementations and Security
