Review of "CryptDB: Protecting Confidentiality with Encrypted Query Processing"

Sensitive information are vulnerable to theft. As an example, you have probably heard of data leaks very often. CryptDb is a system that provides practical and provable confidentiality in the face of data leaks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. It also allows for chaining encryption keys to user passwords, so that data item can be decrypted only by user who has the password.

Several of the key techniques include 1) a set of well-defined primitive operators such as equality checks, order comparisons, aggregates, and joins. CryptDB encrypts each data item in a way that allows the DBMS to execute on the transformed data. Symmetric-key encryption is used for execution efficiency. 2) adjustable query-based encryption is used to avoid revealing all possible encryptions of data to the DBMS a priori. Onions of encryption is used to adjust the the encryptions. 3) chaining encryption keys to user passwords, as a result, each data item in the db can be decrypted only through a chain of keys rooted in the password of one of the users with access to that data.

CryptDB provides a group of efficient techniques to secure data stored inside the database which is constantly causing security issues in the more and more connected world. I think it'll a influential in 10 years.