CryptDB

Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. CryptDB can also chain encryption keys to user passwords, so that a data item can be decrypted only by using the password of one of the users with access to that data. As a result, a database administrator never gets access to decrypted data, and even if all servers are compromised, an adversary cannot decrypt the data of any user who is not logged in. An analysis of a trace of 126 million SQL queries from a production MySQL server shows that CryptDB can support operations over encrypted data for 99.5% of the 128,840 columns seen in the trace. Our evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Chaining encryption keys to user passwords requires 11-13 unique schema annotations to secure more than 20 sensitive fields and 2-7 lines of source code changes for three multi-user web applications.

People

Publications

Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, and Hari Balakrishnan.
CryptDB: Protecting Confidentiality with Encrypted Query Processing.
In Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP 2011), Cascais, Portugal, October 2011.
(This is the most recent paper describing CryptDB.)
Stephen Tu, M. Frans Kaashoek, Samuel Madden, and Nickolai Zeldovich.
Processing Analytical Queries over Encrypted Data.
In Proceedings of the 39th International Conference on Very Large Data Bases (VLDB), Riva del Garda, Italy, August 2013.
(This paper extends CryptDB's basic design to complex analytical queries and large data sets.)
Raluca Ada Popa and Nickolai Zeldovich.
Cryptographic treatment of CryptDB's Adjustable Join.
Technical Report MIT-CSAIL-TR-2012-006, Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, March 2012.
(A formal description and analysis of CryptDB's adjustable join cryptographic scheme.)
Carlo Curino, Evan P. C. Jones, Raluca Ada Popa, Nirmesh Malviya, Eugene Wu, Sam Madden, Hari Balakrishnan, and Nickolai Zeldovich.
Relational Cloud: A Database-as-a-Service for the Cloud.
In Proceedings of the 5th Biennial Conference on Innovative Data Systems Research (CIDR 2011), Pacific Grove, CA, January 2011.
(A paper describing how CryptDB can help with hosting databases in the cloud.)
Raluca Ada Popa, Nickolai Zeldovich, and Hari Balakrishnan.
CryptDB: A Practical Encrypted Relational DBMS.
Technical Report MIT-CSAIL-TR-2011-005, Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, January 2011.
(An earlier technical report on CryptDB, which has been superseeded by the SOSP paper above.)

Software

Our source code is available below for research purposes only. You can access it using git, as follows:

git clone -b public git://g.csail.mit.edu/cryptdb

You can find notes on how to build CryptDB in doc/BUILD, and several examples of how to run CryptDB in doc/README.

We are actively developing CryptDB. In particular, we are currently transitioning the code to perform more generic query parsing and rewriting, based on the native parser from the MySQL server. We will announce any significant changes to CryptDB on the cryptdb-announce mailing list.

If you are interested in using CryptDB's source code in any way, we encourage you to subscribe to the cryptdb-users mailing list, below, to receive announcements about CryptDB, report problems, or to ask questions about CryptDB.

Mailing lists

Please subscribe to the cryptdb-announce mailing list to receive announcements about updates to CryptDB.

To subscribe, fill out the following form. You will be sent email requesting confirmation, to prevent others from gratuitously subscribing you.

Please use the cryptdb-users mailing list to ask questions about CryptDB, get help, and offer any suggestions. To see the collection of prior postings to the list, visit the archive.

To post a message to the mailing list, send email to cryptdb-users@csail.mit.edu.