Pushing the Limits of Encrypted Databases with Secure Hardware
This addresses security and efficiency issues in cloud-based encrypted databases, offering incremental improvements over existing technologies.
The paper tackles the limitations of encrypted databases by analyzing vulnerabilities in trusted computing platforms like Intel SGX and proposes methods to enhance confidentiality, functionality, and performance.
Encrypted databases have been studied for more than 10 years and are quickly emerging as a critical technology for the cloud. The current state of the art is to use property-preserving encrypting techniques (e.g., deterministic encryption) to protect the confidentiality of the data and support query processing at the same time. Unfortunately, these techniques have many limitations. Recently, trusted computing platforms (e.g., Intel SGX) have emerged as an alternative to implement encrypted databases. This paper demonstrates some vulnerabilities and the limitations of this technology, but it also shows how to make best use of it in order to improve on confidentiality, functionality, and performance.