Confidential Databases Without Cryptographic Mappings
This addresses performance bottlenecks for users of confidential databases in untrusted cloud environments, representing a novel paradigm shift rather than an incremental improvement.
The paper tackled the high performance overhead in confidential databases caused by frequent synchronous cryptographic operations, and introduced FEDB, a design that removes these operations from the critical path, reducing runtime overhead by up to 78.0 times on benchmarks like TPC-C and TPC-H.
Confidential databases (CDBs) are essential for enabling secure queries over sensitive data in untrusted cloud environments using confidential computing hardware. While adoption is growing, widespread deployment is hindered by high performance overhead from frequent synchronous cryptographic operations, which causes significant computational and memory bottlenecks. We present FEDB, a novel CDB design that removes cryptographic operations from the critical path. FEDB leverages crypto-free mappings, which maintain data-independent identifiers within the database while securely mapping them to plaintext secrets in a trusted domain. This paradigm shift reduces the runtime overhead by up to 78.0 times on industry-standard benchmarks including TPC-C and TPC-H.