eCommons

 

Breaking and Building Encrypted Databases

dc.contributor.authorGrubbs, Paul Allen
dc.contributor.chairRistenpart, Thomas
dc.contributor.committeeMemberZabih, Ramin
dc.contributor.committeeMemberShmatikov, Vitaly
dc.date.accessioned2021-03-12T17:38:21Z
dc.date.available2021-03-12T17:38:21Z
dc.date.issued2020-08
dc.description139 pages
dc.description.abstractThe subject of this thesis is encrypted databases: systems that use novel cryptographic techniques to store and efficiently query encrypted data. Motivated by the increasing frequency and severity of harmful data breaches, encrypted databases keep data encrypted at all times, ensuring that it is unavailable even to an attacker that compromises the database system’s security. To keep queries efficient, encrypted databases must leak some information about the underlying plaintext data and queries. The leakage and its impact on security differs depending on the way the system is compromised. In this thesis, I investigate the performance-security tradeoffs made by encrypted databases. First, I study current encrypted databases to understand the leakage that would be available to an attacker in likely compromise scenarios. I conclude that many of the security claims made of encrypted databases are incorrect. Then, I examine the security impact of a concrete leakage shared by most encrypted databases. In the process I develop new technical tools based on statistical learning theory. Finally, informed by an understanding of existing databases, I propose a novel performance-security tradeoff for encrypted key-value stores. I instantiate that new tradeoff with frequency smoothing, analyze it using new theory, and build a system.
dc.identifier.doihttps://doi.org/10.7298/1tvp-fr92
dc.identifier.otherGrubbs_cornellgrad_0058F_12252
dc.identifier.otherhttp://dissertations.umi.com/cornellgrad:12252
dc.identifier.urihttps://hdl.handle.net/1813/102884
dc.language.isoen
dc.rightsAttribution 4.0 International
dc.rights.urihttps://creativecommons.org/licenses/by/4.0/
dc.subjectapplied cryptography
dc.subjectcomputer security
dc.subjectcryptography
dc.subjectdatabases
dc.subjectencryption
dc.titleBreaking and Building Encrypted Databases
dc.typedissertation or thesis
dcterms.licensehttps://hdl.handle.net/1813/59810
thesis.degree.disciplineComputer Science
thesis.degree.grantorCornell University
thesis.degree.levelDoctor of Philosophy
thesis.degree.namePh. D., Computer Science

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Grubbs_cornellgrad_0058F_12252.pdf
Size:
1.5 MB
Format:
Adobe Portable Document Format