Posted by Andrew Rose on December 20, 2011
As much as the cloud computing model makes sense to me, my security sensibilities cry out about information risk every time I start to consider actual implementation for data of value across an enterprise.
A model which has always made sense has been to place only encrypted data in the cloud, holding the keys locally. This solution gives you control over data access, bypassing any Patriot Act concerns, but allows realization of the benefits of a shared, cloud infrastructure. It has always been recognized, however, that this solution has a number of drawbacks, such as:
- The immense corporate sensitivity of the encryption keys utilised. These keys become essential to doing business. If they are corrupted, lost or held hostage by hacktivists, for example, then the organization stops dead in the water.
- The difficulty of creating indexes, searching and applying transactions across encrypted data stores. If the concept is to keep the keys away from the cloud environment then actions such as indexing, searching or running database functions become very challenging.
In 2009 an IBM cryptographer named Craig Gentry wrote a PhD dissertation describing a solution to the second of these challenges, unfortunately it too had a drawback – his homomorphic encryption solution would increase transaction times by a factor of one trillion.
MIT have now, however, outlined a simpler solution to the problem. CryptDB seeks to address the same challenges but claims to add only 25% to the transaction time. I’m sure it’s not perfect, but it is a positive step toward answering a difficult question and cloud vendors should be interested in how such a feat of encryption wizardry can enable a wider adoption of their services.