| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
| Cc: | David Fetter <david(at)fetter(dot)org>, Tal Glozman <glozmantal(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PostgreSQL and Homomorphic Encryption |
| Date: | 2018-06-19 21:34:52 |
| Message-ID: | 20180619213452.GA30125@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, May 23, 2018 at 09:05:15AM +0800, Craig Ringer wrote:
> Presumably it'd have to support some non-equality ops like < and > for b-tree
> indexing, so you can compare two encrypted texts without decryption.
>
> If the user can supply cleartext to be compared against, this exposes
> search-based plaintext attacks where you can discover the plaintext over time
> with iterative searches over modified plaintext.
>
> My understanding of homomorphic encryption is that it's generally more useful
> for data-modifying operations. For example, you might want to add a value to a
> balance without being able to read the balance and learn the current value. I
> haven't heard of it being used for searches before.
I have a slide about indexing encrypted data; not sure if it is
relevant:
https://momjian.us/main/writings/crypto_hw_use.pdf#page=86
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-06-19 21:41:00 | Re: Time to put context diffs in the grave |
| Previous Message | Andrew Dunstan | 2018-06-19 21:30:55 | Re: Time to put context diffs in the grave |