Re: PostgreSQL and Homomorphic Encryption
| От | Craig Ringer |
|---|---|
| Тема | Re: PostgreSQL and Homomorphic Encryption |
| Дата | |
| Msg-id | CAMsr+YGHofXMGi-vhD7nBOQxF2bpq9Nof7tL7zW7cNj=47WghA@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: PostgreSQL and Homomorphic Encryption (David Fetter <david@fetter.org>) |
| Ответы |
Re: PostgreSQL and Homomorphic Encryption
|
| Список | pgsql-hackers |
On 23 May 2018 at 07:52, David Fetter <david@fetter.org> wrote:
On Tue, May 22, 2018 at 08:34:18AM +0200, Tal Glozman wrote:
> Hello PostgreSQL Team,
>
> I'm doing a project at my university (HU Berlin) involving
> homomorphic encrypted searches on data bases. Does PostgreSQL
> support homomorphic encryption-based searches?
Yes, in the sense that PostgreSQL has Turing-complete languages for
expressional indexes, so to the extent that Turing machines can solve
the problem you want solved, the capability is there.
What would a system that supported homomorphic encrypted searches look
like from an operational point of view?
Presumably it'd have to support some non-equality ops like < and > for b-tree indexing, so you can compare two encrypted texts without decryption.
If the user can supply cleartext to be compared against, this exposes search-based plaintext attacks where you can discover the plaintext over time with iterative searches over modified plaintext.
My understanding of homomorphic encryption is that it's generally more useful for data-modifying operations. For example, you might want to add a value to a balance without being able to read the balance and learn the current value. I haven't heard of it being used for searches before.
В списке pgsql-hackers по дате отправления: