Looking forward to seeing it. Encrypting keys or not could be an interesting design tradeoff, as a key, if based on some natural fact, might be a good candidate for encryption too ...

On Tue, Jul 31, 2012 at 7:49 AM, Marc Parisi <[email protected]> wrote:

> k. as I designed it, a group. I had a decrypting iterator and a client to
> do the scan. The symmetric keys decrypted groups of key/value pairs
> (though ideally we wouldn't encrypt keys, only values, to maintain sorting).
> multiple asymmetric keys can be used to decode one or more symmetric keys.
>
> my proof of concept was very simple, but could be extended. I'll have to
> look further, tonight.
>
> On Tue, Jul 31, 2012 at 7:39 AM, Jim Klucar <[email protected]> wrote:
>
>> Post a link here to the list too please. I'm sure others might be
>> interested. Does the key scheme allow a group of keys to decrypt the
>> data or only a single key?
>>
>> Sent from my iPhone
>>
>> On Jul 31, 2012, at 7:37 AM, Marc Parisi <[email protected]> wrote:
>>
>> > I'll look for the code on my laptops and try and post it to my personal
>> > github, and E-mail you directly, if you like.
>> >
>> > On Tue, Jul 31, 2012 at 7:35 AM, Marc Parisi <[email protected]> wrote:
>> >
>> >> I have code, which I can share, to
>> >> use a symmetric key to encrypt data in cells
>> >> use a sharable public key to encrypt/decrypt the symmetric keys, so
>> >> that data can be shared.
>> >>
>> >> You can use the visibilities to ensure users don't get other users' data,
>> >> if you like. Data is encrypted at rest, and with a client, in transit.
>> >>
>> >> On Sat, Jul 28, 2012 at 4:29 PM, Edmon Begoli <[email protected]> wrote:
>> >>
>> >>> You all might be aware of this, so please excuse the redundant
>> >>> information:
>> >>>
>> >>> CryptDB
>> >>> http://css.csail.mit.edu/cryptdb/
>> >>>
>> >>> CryptDB is a system that provides practical
>> >>> and provable confidentiality in the face of these attacks for
>> >>> applications backed by SQL databases. It works by executing SQL
>> >>> queries over encrypted data using a collection of efficient SQL-aware
>> >>> encryption schemes.
>> >>> CryptDB can also chain encryption keys to user
>> >>> passwords, so that a data item can be decrypted only by using the
>> >>> password of one of the users with access to that data. As a result,
>> >>> a database administrator never gets access to decrypted data, and even
>> >>> if all servers are compromised, an adversary cannot decrypt
>> >>> the data of any user who is not logged in
>> >>>
>> >>> CryptDB is a MySQL-based system, but I think that some of its mechanisms
>> >>> could be relevant for key-value stores.
>> >>> (In my work/research, I was looking for HIPAA compliant data store)
>> >>>
>> >>> Regards,
>> >>> Edmon
