PostgreSQL and Homomorphic Encryption

On 22 May 2018 at 14:34, Tal Glozman <glozmantal@gmail.com> wrote:

Hello PostgreSQL Team,

I'm doing a project at my university (HU Berlin) involving homomorphic
encrypted searches on data bases. Does PostgreSQL support homomorphic
encryption-based searches?

Not natively, as far as I know anyway.

I don't think pgcrypto offers any facilities you could use for useful
homomorphic encryption, except for the obvious degenerate case of
comparison by equality of unsalted encrypted data.

PostgreSQL is very extensible and you could definitely add data types for
homomorphic encryption + the required index access method implementations
etc. A quick Google search for "postgres homomorphic" finds various
information on the topic.

--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

On Tue, May 22, 2018 at 08:34:18AM +0200, Tal Glozman wrote:

Hello PostgreSQL Team,

I'm doing a project at my university (HU Berlin) involving
homomorphic encrypted searches on data bases. Does PostgreSQL
support homomorphic encryption-based searches?

Yes, in the sense that PostgreSQL has Turing-complete languages for
expressional indexes, so to the extent that Turing machines can solve
the problem you want solved, the capability is there.

What would a system that supported homomorphic encrypted searches look
like from an operational point of view?

Best,
David.
--
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate

On 23 May 2018 at 07:52, David Fetter <david@fetter.org> wrote:

On Tue, May 22, 2018 at 08:34:18AM +0200, Tal Glozman wrote:

Hello PostgreSQL Team,

I'm doing a project at my university (HU Berlin) involving
homomorphic encrypted searches on data bases. Does PostgreSQL
support homomorphic encryption-based searches?

Yes, in the sense that PostgreSQL has Turing-complete languages for
expressional indexes, so to the extent that Turing machines can solve
the problem you want solved, the capability is there.

What would a system that supported homomorphic encrypted searches look
like from an operational point of view?

Presumably it'd have to support some non-equality ops like < and > for
b-tree indexing, so you can compare two encrypted texts without decryption.

If the user can supply cleartext to be compared against, this exposes
search-based plaintext attacks where you can discover the plaintext over
time with iterative searches over modified plaintext.

My understanding of homomorphic encryption is that it's generally more
useful for data-modifying operations. For example, you might want to add a
value to a balance without being able to read the balance and learn the
current value. I haven't heard of it being used for searches before.

--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

On Wed, May 23, 2018 at 09:05:15AM +0800, Craig Ringer wrote:

Presumably it'd have to support some non-equality ops like < and > for b-tree
indexing, so you can compare two encrypted texts without decryption.

If the user can supply cleartext to be compared against, this exposes
search-based plaintext attacks where you can discover the plaintext over time
with iterative searches over modified plaintext.

My understanding of homomorphic encryption is that it's generally more useful
for data-modifying operations. For example, you might want to add a value to a
balance without being able to read the balance and learn the current value. I
haven't heard of it being used for searches before.

I have a slide about indexing encrypted data; not sure if it is
relevant:

https://momjian.us/main/writings/crypto_hw_use.pdf#page=86

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +