How A 1200-Year-Old Hacking Technique Can Already Crack Tomorrow's Encrypted Vaults

Discussion in 'privacy technology' started by Dermot7, Sep 3, 2015.

  1. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    By Thomas Fox-Brewster,
    http://www.forbes.com/sites/thomasb...ft-dumb-attacks-cracks-next-gen-cryptography/
     
  2. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,147
    Location:
    UK
    Thanks very much, this EDB/cryptdb work is extremely important, and knowledge of attacks and weaknesses is vital.
    My interpretation of the "steady state" level of operation (when the db has been running awhile), seems to indicate much more vulnerability, but I'm not clear on the nature of the attack - is it a query timing thing, or does it require modification to the database code itself?
    I'm also not clear whether they regarded this as a fatal flaw, or whether it could be mitigated in some way.
    PS - my first thought on reading the title was the wrench technique, but I guess that's substantially older, at least, blunt instruments....
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Well, this is about CryptDB, which was developed to permit operations on encrypted data without first decrypting. And CryptDB developers admit that it's vulnerable. I'm curious whether the latest approaches to homomorphic encryption are as vulnerable as CryptDB is.
     
Loading...