Cryptology ePrint Archive: Report 2016/893

Building web applications on top of encrypted data using Mylar

Raluca Ada Popa and Emily Stark and Jonas Helfer and Steven Valdez and Nickolai Zeldovich and M. Frans Kaashoek and Hari Balakrishnan

Abstract: Web applications rely on servers to store and process confidential information. However, anyone who gains access to the server (e.g., an attacker, a curious administrator, or a government) can obtain all of the data stored there. This paper presents Mylar, a platform that provides end-to-end encryption to web applications. Mylar protects the confidentiality of sensitive data fields against attackers that gained access to servers. Mylar stores sensitive data encrypted on the server, and decrypts that data only in users’ browsers. Mylar addresses three challenges in making this approach work. First, Mylar allows the server to perform keyword search over encrypted documents, even if the documents are encrypted with different keys. Second, Mylar allows users to share keys securely in the presence of an active adversary. Finally, Mylar ensures that client-side application code is authentic, even if the server is malicious. Results with a prototype of Mylar built on top of the Meteor framework are promising: porting 6 applications required changing just 36 lines of code on average, and the performance overheads are modest, amounting to a 17% throughput loss and a 50 ms latency increase for sending a message in a chat application.

Category / Keywords: applications / web security, end-to-end encryption

Original Publication (with minor differences): NSDI 2014

Date: received 13 Sep 2016

Contact author: mylar at mit edu

Available format(s): PDF | BibTeX Citation

Version: 20160914:041713 (All versions of this report)

Short URL: ia.cr/2016/893

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]