On 23 May 2018 at 07:52, David Fetter <da...@fetter.org> wrote:

> On Tue, May 22, 2018 at 08:34:18AM +0200, Tal Glozman wrote:
> > Hello PostgreSQL Team,
> >
> > I'm doing a project at my university (HU Berlin) involving
> > homomorphic encrypted searches on data bases. Does PostgreSQL
> > support homomorphic encryption-based searches?
>
> Yes, in the sense that PostgreSQL has Turing-complete languages for
> expressional indexes, so to the extent that Turing machines can solve
> the problem you want solved, the capability is there.
>
> What would a system that supported homomorphic encrypted searches look
> like from an operational point of view?
>

Presumably it'd have to support some non-equality ops like < and > for
b-tree indexing, so you can compare two encrypted texts without decryption.

If the user can supply cleartext to be compared against, this exposes
search-based plaintext attacks where you can discover the plaintext over
time with iterative searches over modified plaintext.

My understanding of homomorphic encryption is that it's generally more
useful for data-modifying operations. For example, you might want to add a
value to a balance without being able to read the balance and learn the
current value. I haven't heard of it being used for searches before.

-- 
 Craig Ringer                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services

Reply via email to