Re: subtext search in encrypted text

From: Orjan Austvold (austvold_at_colibria.com)
Date: 05/26/04


Date: Wed, 26 May 2004 08:59:14 +0200

Ernst Lippe wrote:
> On Wed, 26 May 2004 00:47:16 +0000, David Wagner wrote:
>
>
>>Have you looked at the literature on private keyword
>>searching? I've co-authored one early paper on the subject
>>(http://www.cs.berkeley.edu/~daw/papers/encsearch-oak00.ps); there
>>has recently been quite a bit of follow-on work developing some more
>>powerful and practical techniques.
>
>
> As I understood the system, all legitimate clients should
> be able to search the entire database. For your proposal
> that would mean that all clients would need to possess all the
> keys that are used to encrypt the database. So your solution would help
> when the major threat is a direct attack against the database
> server, but it does not seem to help when the clients are the most
> vulnerable part of the system (in most systems it is a lot
> more difficult to secure all clients than it is to secure a central
> server).

Many (most?) systems are designed so that no other client but (secured)
business logic on a trusted application server can access the database.
In this way the client/server authentication and authorization problem
would not be applied to the above solution. Keys for accessing the
database would then reside only on the application server.

My guess is that authorizing (real) clients to the system on an
intermediate business logic server, which in turn accesses the encrypted
database server, would reduce the threat to the encrypted database server.

It might sound a bit strange that we do have the need for encrypting
data when we trust the only software accessing the server, but this
requirement stems from governmental laws (of Spain). Private records on
individuals must (no matter what) be stored encrypted on disk.

Ørjan

>
> I am not really certain that my interpretation of the system is
> correct, but I hope that Ørjan will correct any mistakes.
>
> Ernst Lippe
>


