Not your parents’ cryptography – non-traditional encryption problems and solutions


Authors: Chuck Willis


The presentation discusses various techniques for encrypting data in databases, including deterministic encryption, searchable encryption, and homomorphic encryption.
  • Deterministic encryption allows for searches on equality while keeping data encrypted
  • Searchable encryption allows for searching for keywords in encrypted documents by encrypting the keywords and storing them in a database
  • Homomorphic encryption allows for performing operations on encrypted data in a way that is equivalent to performing the operations before encryption
  • Each technique has its limitations and trade-offs
  • Maintaining an index of keyword frequency can improve the security of searchable encryption
The presenter explains that searchable encryption supports keyword search over encrypted documents by encrypting the keywords and storing them in a database. This carries a risk of frequency analysis: common words can be identified by how often their encrypted form appears and then used to determine the contents of the documents. To address this, an index of keyword frequency can be maintained so that the encryption is not repeatable. The presenter notes that there are currently no commercial solutions for this technique, so it must be implemented manually.
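The sketch below is an added example, not code from the talk. It contrasts a repeatable keyword index with one that uses a client-side keyword counter. Using HMAC-SHA256 as the keyword "encryption", the class and function names, and the sample documents are all assumptions made for illustration.

```python
import hashlib
import hmac
from collections import Counter
from typing import Optional

def token(key: bytes, keyword: str, counter: Optional[int] = None) -> str:
    """Keyed search token (assumed construction); a counter makes each occurrence unique."""
    msg = keyword.lower().encode()
    if counter is not None:
        msg += b"\x00" + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class DeterministicIndex:
    """Repeatable: the same keyword always maps to the same stored token."""
    def __init__(self, key: bytes):
        self.key = key
        self.rows = []  # what the database stores: (token, doc_id)
    def add(self, doc_id, words):
        for w in set(words):
            self.rows.append((token(self.key, w), doc_id))
    def search(self, word):
        t = token(self.key, word)
        return sorted(d for tok, d in self.rows if tok == t)
    def stored_tokens(self):
        return [tok for tok, _ in self.rows]

class CountedIndex:
    """Non-repeatable: the client keeps a per-keyword count and folds it into each token."""
    def __init__(self, key: bytes):
        self.key = key
        self.counts = Counter()  # kept by the client, never sent to the database
        self.rows = {}           # what the database stores: token -> doc_id
    def add(self, doc_id, words):
        for w in {x.lower() for x in words}:
            self.rows[token(self.key, w, self.counts[w])] = doc_id
            self.counts[w] += 1
    def search(self, word):
        w = word.lower()
        return sorted(self.rows[token(self.key, w, i)] for i in range(self.counts[w]))
    def stored_tokens(self):
        return list(self.rows)

def max_token_repeats(tokens) -> int:
    """What frequency analysis sees at rest: the most often repeated stored token."""
    return max(Counter(tokens).values())

# Constructed sample documents (doc_id -> keywords), for illustration only.
DOCS = {1: ["invoice", "alice"], 2: ["invoice", "bob"], 3: ["invoice", "alice", "refund"]}
```

The counter only removes repetition in the data at rest; each search still reveals to the database which rows matched that query.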


Encrypted data is essentially random... All you can do is store it or decrypt it... right? These statements are largely true for traditional encryption schemes, and unfortunately those schemes preclude the use of encryption in certain situations. Sometimes sensitive data needs to be protected, but also searchable, indexable, deterministic, and/or in a specific format. This presentation will discuss these and other non-traditional use cases for encrypting data at rest, along with technologies and techniques to satisfy your security requirements.

