cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthias Pfau <p...@l3s.de>
Subject Re: Storing pre-sorted data
Date Fri, 21 Oct 2011 07:46:41 GMT
Hi David,
yes, what we are working on could be referenced as "encrypted database 
service".

Thanks for your insights. We will continue to work on this topic!

Kind regards
Matthias

On 10/21/2011 02:31 AM, David Jeske wrote:
> If I understand you correctly, you are saying that you will never have
> the encryption key, but that some third-party will. Given this
> description, the design space you are in has nothing to do with
> Cassandra-per-se. Cassandra, like any sorted-order storage, will keep
> data in the order of a key that it can read. A database can't keep data
> sorted in an order that it unknown to it.
>
> I get the idea you are trying to provide "encrypted database services"
> to third-parties, and that you are trying to give them sorted-order
> retrieval. This is a "hard problem". The only two options I see were
> detailed in my previous explanation.
>
> 1) require the client/third-party expose some non-encrypted data, which
> can be used for sorting. Leave it up to them how they can generate data
> useful for sorting which does not compromise security. (previously
> described as option a)
>
> 2) Use some bleeding-edge research order-preserving encryption
> algorithm. (Also, don't compress the sort-key.) If the encrypted form
> sorts in the same order as the unencrypted form, then any database can
> store the encrypted key as if it was normal data and keep the data in
> proper sorted-order. (some extra work would be required for composite
> keys) (previously described as option c)
>
> I hope that helps.. Good luck!
>

Mime
View raw message