You are looking at a specific version 20170606:213925 of this paper.
See the latest version.
Paper 2017/468
Why Your Encrypted Database Is Not Secure
Paul Grubbs and Thomas Ristenpart and Vitaly Shmatikov
Abstract
Encrypted databases, a popular approach to protecting data from compromised database management systems (DBMS’s), use abstract threat models that capture neither realistic databases, nor realistic attack scenarios. In particular, the “snapshot attacker” model used to support the security claims for many encrypted databases does not reflect the information about past queries available in any snapshot attack on an actual DBMS. We demonstrate how this gap between theory and reality causes encrypted databases to fail to achieve their “provable security” guarantees.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Published elsewhere. Minor revision. The 16th Workshop on Hot Topics in Operating Systems (HotOS 2017)
- Keywords
- encrypted databasessecurity definitions
- Contact author(s)
- pag225 @ cornell edu
- History
- 2017-06-06: revised
- 2017-05-28: received
- See all versions
- Short URL
- https://ia.cr/2017/468
- License
-
CC BY