Transaction processing on confidential data using cipherbase

Arvind Arasu, Ken Eguro, Manas Joglekar, Raghav Kaushik, Donald Kossmann, Ravi Ramamurthy
2015 2015 IEEE 31st International Conference on Data Engineering  
Cipherbase is a comprehensive database system that provides strong end-to-end data confidentiality through encryption. Cipherbase is based on a novel architecture that combines an industrial strength database engine (SQL Server) with lightweight processing over encrypted data that is performed in secure hardware. Cipherbase has the smallest trusted computing base (TCB) among comparable systems and provides significant benefits over the state-of-the-art in terms of security, performance, and
more » ... tionality. This paper presents a prototype of Cipherbase that uses FPGAs to provide secure processing and describes the system engineering details implemented to achieve competitive performance for transactional workloads. This includes hardwaresoftware co-design issues (e.g. how to best offer parallelism), optimizations to hide the latency between the secure hardware and the main system, and techniques to cope with space inefficiencies. All of these optimizations were carefully designed not to affect end-to-end data confidentiality. Our experiments with TPC-C show that when customer data is strongly encrypted in Cipherbase, it provides 90% the throughput of SQL Server operating over unencrypted data. Even when all data is strongly encrypted, Cipherbase achieves 40% the throughput of plaintext SQL Server. AcctID AcctBal Branch
doi:10.1109/icde.2015.7113304 dblp:conf/icde/ArasuEJKKR15 fatcat:maw45dh4kvhjxhrgkaqm4zto6i