Re: PostgreSQL and Homomorphic Encryption
On Wed, May 23, 2018 at 09:05:15AM +0800, Craig Ringer wrote: > Presumably it'd have to support some non-equality ops like < and > for b-tree > indexing, so you can compare two encrypted texts without decryption. > > If the user can supply cleartext to be compared against, this exposes > search-based plaintext attacks where you can discover the plaintext over time > with iterative searches over modified plaintext. > > My understanding of homomorphic encryption is that it's generally more useful > for data-modifying operations. For example, you might want to add a value to a > balance without being able to read the balance and learn the current value. I > haven't heard of it being used for searches before. I have a slide about indexing encrypted data; not sure if it is relevant: https://momjian.us/main/writings/crypto_hw_use.pdf#page=86 -- Bruce Momjian http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
Re: PostgreSQL and Homomorphic Encryption
On 23 May 2018 at 07:52, David Fetter <da...@fetter.org> wrote: > On Tue, May 22, 2018 at 08:34:18AM +0200, Tal Glozman wrote: > > Hello PostgreSQL Team, > > > > I'm doing a project at my university (HU Berlin) involving > > homomorphic encrypted searches on data bases. Does PostgreSQL > > support homomorphic encryption-based searches? > > Yes, in the sense that PostgreSQL has Turing-complete languages for > expressional indexes, so to the extent that Turing machines can solve > the problem you want solved, the capability is there. > > What would a system that supported homomorphic encrypted searches look > like from an operational point of view? > Presumably it'd have to support some non-equality ops like < and > for b-tree indexing, so you can compare two encrypted texts without decryption. If the user can supply cleartext to be compared against, this exposes search-based plaintext attacks where you can discover the plaintext over time with iterative searches over modified plaintext. My understanding of homomorphic encryption is that it's generally more useful for data-modifying operations. For example, you might want to add a value to a balance without being able to read the balance and learn the current value. I haven't heard of it being used for searches before. -- Craig Ringer http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services
Re: PostgreSQL and Homomorphic Encryption
On Tue, May 22, 2018 at 08:34:18AM +0200, Tal Glozman wrote: > Hello PostgreSQL Team, > > I'm doing a project at my university (HU Berlin) involving > homomorphic encrypted searches on data bases. Does PostgreSQL > support homomorphic encryption-based searches? Yes, in the sense that PostgreSQL has Turing-complete languages for expressional indexes, so to the extent that Turing machines can solve the problem you want solved, the capability is there. What would a system that supported homomorphic encrypted searches look like from an operational point of view? Best, David. -- David Fetter <david(at)fetter(dot)org> http://fetter.org/ Phone: +1 415 235 3778 Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate
Re: PostgreSQL and Homomorphic Encryption
On 22 May 2018 at 14:34, Tal Glozman <glozman...@gmail.com> wrote: > Hello PostgreSQL Team, > > I'm doing a project at my university (HU Berlin) involving homomorphic > encrypted searches on data bases. Does PostgreSQL support homomorphic > encryption-based searches? > Not natively, as far as I know anyway. I don't think pgcrypto offers any facilities you could use for useful homomorphic encryption, except for the obvious degenerate case of comparison by equality of unsalted encrypted data. PostgreSQL is very extensible and you could definitely add data types for homomorphic encryption + the required index access method implementations etc. A quick Google search for "postgres homomorphic" finds various information on the topic. -- Craig Ringer http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services
PostgreSQL and Homomorphic Encryption
Hello PostgreSQL Team, I'm doing a project at my university (HU Berlin) involving homomorphic encrypted searches on data bases. Does PostgreSQL support homomorphic encryption-based searches? I couldn’t find the information about it on the internet. Could you provide me a web link or a PDF on the matter? If you can not answer my question, can you give me an email of someone or another support group who can? Thanks a lot, Tal Glozman
