By Thomas Fox-Brewster, http://www.forbes.com/sites/thomasb...ft-dumb-attacks-cracks-next-gen-cryptography/
Thanks very much, this EDB/cryptdb work is extremely important, and knowledge of attacks and weaknesses is vital. My interpretation of the "steady state" level of operation (when the db has been running awhile), seems to indicate much more vulnerability, but I'm not clear on the nature of the attack - is it a query timing thing, or does it require modification to the database code itself? I'm also not clear whether they regarded this as a fatal flaw, or whether it could be mitigated in some way. PS - my first thought on reading the title was the wrench technique, but I guess that's substantially older, at least, blunt instruments....
Well, this is about CryptDB, which was developed to permit operations on encrypted data without first decrypting. And CryptDB developers admit that it's vulnerable. I'm curious whether the latest approaches to homomorphic encryption are as vulnerable as CryptDB is.
