Building practical systems that compute on encrypted data
DownloadFull printable version (52.82Mb)
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Nickolai Zeldovich.
Terms of use
Metadata
Show full item recordAbstract
Theft of confidential data is prevalent. In most applications, confidential data is stored at servers. Thus, existing systems naturally try to prevent adversaries from compromising these servers. However, experience has shown that adversaries still find a way to break in and steal the data. This dissertation shows how to protect data confidentiality even when attackers get access to all the data stored on servers. We achieve this protection through a new approach to building secure systems: building practical systems that compute on encrypted data, without access to the decryption key. In this setting, we designed and built a database system (CryptDB), a web application platform (Mylar), and two mobile systems, as well as developed new cryptographic schemes for them. We showed that these systems support a wide range of applications with low overhead. The work in this thesis has already had impact: Google uses CryptDB's design for their new Encrypted BigQuery service, and a medical application of Boston's Newton-Wellesley hospital is secured with Mylar.
Description
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014. Cataloged from PDF version of thesis. Includes bibliographical references (pages 137-152).
Date issued
2014Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.