💡If data encryption can be compared to washing your hands, then searching over encrypted data without decrypting it is like using hand sanitizer on-the-go: saves time and gives you more flexibility.
Let us introduce an article on what “secure search over encrypted data” really is and how it is possible nowadays. We cover overview of existing approaches, their downsides, typical attacks, and ready-to-use tools for searching over encrypted data in SQL and NoSQL databases.
With a significant shift towards remote workforces fuelled by “software as a service” trend in enterprise computing, cloud data storage is set to gain traction.
This move entails a renewed push to data encryption during the whole dataflow (meaning, data stays encrypted almost all the time), which keeps it safe against leakage, outsiders, internal threats, and untrusted service providers alike.
However, encryption makes it harder to search over data once it is encrypted, which is both what encryption is needed for and a huge operational downside.
In a perfect world, it would be convenient to keep the data encrypted and still be able to securely search over it, without constraining the application architecture. Well, and today it is possible.
Acra database security suite makes it possible to use searchable encryption for your data stored in SQL/NoSQL databases (MySQL, PostgreSQL, MariaDB, CockroachDB, MongoDB, Elasticsearch, etc).
⇪ Acra works as a database proxy enabling field level encryption and searchable encryption for backend apps.
Encrypted search is based on blind indexing with probabilistic bloom filters (see a paper on IACR), and built around AES GCM and HMAC. Building compound encryption indexes allows users to perform even sophisticated queries over protected data.
When an app inserts a sensitive field to the database, Acra builds a special “blind index” for that field and encrypts its content. Database stores blind index and encrypted field separately or in one column (in most cases, storing them separately gives better performance).
⇪ Insert searchable encrypted data leads to inserting encrypted data and blind index.
When an app performs search (select) on an encrypted field, Acra builds blind index for searchable query, database searches in blind index column. Encrypted field stays encrypted until Acra decrypts it, and the database doesn’t know what data is stored and searches in. Application gets decrypted data from Acra if blind indexes match (or are close enough).
⇪ Searching in encrypted data leads to searching in blind index, and only if match found, decrypting data.
There are lots of approaches to searchable encryption, but many remain purely academic.
🔎⇪ Searchable Symmetric Encryption (aka SSE, Symmetric Searchable Encryption) and Public Key Encryption with Keyword Search (PEKS) are quite popular.
In our article, we explored the methods of secure search over encrypted data, including with our own technology called Acra Searchable Encryption (Acra SE). It is described in a scientific paper on IACR and available along with many other data protection features in Acra security suite.
The article covers the following topics and much more:
🔸 Common approaches to search in encrypted data for web/distributed applications.
🔸 Existing searchable encryption schemes (SSE, PEKS, PE, IPE, HE, blind indexes).
🔸 Attacks on searchable encryption (count attack, hierarchical-search attack, known plaintext attack) and security tradeoffs.
🔸 Database-specific tools for search in encrypted data (CryptDB, Mylar, CipherSweet, Acra Searchable Encryption).
🔸 Acra Searchable Encryption, which allows you to encrypt data on the database cell level and search through it without decryption (blind indexes, AES-GCM-256, built for databases).
Click to read the article in full and welcome back to discuss the topic here.
Acra Searchable Encryption is part of Acra Enterprise Edition and is not available in open source version. If you’re interested in searchable encryption and would like to try Acra, drop us a line, we’ll setup a demo stand for you.