Controlling secure processing of confidential data in untrusted devices
First Claim
1. A system comprising:
secure hardware;
at least one hardware device processor; and
a computer-readable storage medium storing executable instructions that, when executed, cause the at least one hardware device processor to:
receive, from an untrusted module, an encrypted search key value of a search key and a sorted vector representation of an index of a tree structure, the sorted vector representation of the index comprising encrypted key values;
using the secure hardware, decrypt the encrypted search key value to obtain a decrypted search key value;
using the secure hardware, perform a binary search over the sorted vector representation to identify a lookup position of the decrypted search key value in the sorted vector representation; and
provide an identifier of the lookup position to the untrusted module, wherein the secure hardware is configured to:
perform the binary search by decrypting specific encrypted key values in the sorted vector representation that are used in comparison operations during the binary search; and
perform the binary search without decrypting at least some other encrypted key values in the sorted vector representation that are not used in the comparison operations during the binary search.
1 Assignment
0 Petitions
Abstract
A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure; decrypting, at the trusted device, the key and one or more encrypted index values; and initiating a transmission of a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.
72 Citations
20 Claims
1. A system comprising: (independent claim; its full text is given under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)

11. A method comprising:
receiving, from an untrusted device, an encrypted search key value of a search key and a sorted vector representation of an index of a tree structure, the sorted vector representation of the index comprising encrypted key values;
using secure hardware, decrypting the encrypted search key value to obtain a decrypted search key value;
using the secure hardware, performing a binary search over the sorted vector representation to identify a lookup position of the decrypted search key value in the sorted vector representation, the performing the binary search comprising:
decrypting specific encrypted key values in the sorted vector representation that are used in comparison operations during the binary search; and
not decrypting at least some other encrypted key values in the sorted vector representation that are not used in the comparison operations during the binary search; and
transmitting the lookup position to the untrusted device.
Dependent claims: 12, 13, 14, 15

16. A system comprising:
a field-programmable gate array (FPGA);
at least one hardware device processor; and
a computer-readable storage medium storing executable instructions that, when executed, cause the at least one hardware device processor to:
obtain an encrypted search key value of a search key and a sorted vector representation of an index of a tree structure, the sorted vector representation of the index comprising encrypted key values;
provide the encrypted search key value and the sorted vector representation to the FPGA; and
receive, from the FPGA, an identifier of a lookup position of the search key in the sorted vector representation, wherein the FPGA is configured to:
perform a binary search over the sorted vector representation to identify the lookup position, the binary search comprising:
decrypting specific encrypted key values in the sorted vector representation that are used in comparison operations during the binary search; and
not decrypting at least some other encrypted key values in the sorted vector representation that are not used in the comparison operations during the binary search.
Dependent claims: 17, 18, 19, 20
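The independent claims (1, 11 and 16) all describe the same exchange: the untrusted DBMS holds a B-tree node as a sorted vector of ciphertexts, ships that vector plus an encrypted search key to the trusted side, and gets back only a position. The following is an added software model of that split, written for this page and not code from the patent or its assignee. It stands in for the secure hardware with a Python class that holds the key, and for AES with a toy authenticated cipher built from HMAC-SHA256 (counter-mode keystream plus a tag); the function and class names, the 64-bit integer keys, the bisect-left meaning of "lookup position", and the sample node are all assumptions of this illustration. The instrumentation counter shows the point of claims 1 and 11: only the entries compared on the search path are decrypted, about log2(n) of them, and the rest are never touched.

```python
"""Added example (not the patent's code): model of the trusted/untrusted split in
the claims. HMAC-SHA256 in counter mode with a MAC tag stands in for the AES the
real hardware would use; all API names here are invented for the illustration."""
from __future__ import annotations

import hashlib
import hmac
import secrets
import struct

NONCE_LEN = 12
KEY_BYTES = 8   # index keys are modelled as 64-bit signed integers (assumption)
TAG_LEN = 16


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (toy replacement for AES-CTR)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def encrypt_value(key: bytes, value: int) -> bytes:
    """Randomised encryption of one index key: nonce || ciphertext || tag.
    A fresh nonce per entry means equal plaintexts give unrelated ciphertexts,
    so the untrusted module cannot compare or order entries on its own."""
    nonce = secrets.token_bytes(NONCE_LEN)
    pt = struct.pack(">q", value)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, KEY_BYTES)))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + ct + tag


def decrypt_value(key: bytes, blob: bytes) -> int:
    """Decrypt one entry; reject it if the untrusted side altered the ciphertext.
    (The tag check is added hardening; the claims only speak of encryption.)"""
    nonce = blob[:NONCE_LEN]
    ct = blob[NONCE_LEN:NONCE_LEN + KEY_BYTES]
    tag = blob[NONCE_LEN + KEY_BYTES:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: entry modified by the untrusted side")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, KEY_BYTES)))
    return struct.unpack(">q", pt)[0]


class SecureHardware:
    """Trusted side (the enclave/FPGA of the claims): holds the key, answers lookups."""

    def __init__(self, key: bytes) -> None:
        self._key = key
        self.decrypted_positions: list[int] = []  # instrumentation only

    def lookup(self, enc_search_key: bytes, enc_vector: list[bytes]) -> int:
        """Binary search over the encrypted sorted vector. Only entries that take
        part in a comparison are decrypted; every other entry stays sealed.
        Returns the lookup position: the number of node keys strictly less than
        the search key (bisect-left semantics, an assumption of this model), which
        is the child pointer the untrusted B-tree code follows next."""
        self.decrypted_positions = []
        target = decrypt_value(self._key, enc_search_key)
        lo, hi = 0, len(enc_vector)
        while lo < hi:
            mid = (lo + hi) // 2
            self.decrypted_positions.append(mid)
            if decrypt_value(self._key, enc_vector[mid]) < target:
                lo = mid + 1
            else:
                hi = mid
        return lo


def build_encrypted_node(key: bytes, sorted_keys: list[int]) -> list[bytes]:
    """Index writer (holds the key) produces the sorted vector of ciphertexts
    that the untrusted DBMS stores for one B-tree node."""
    assert sorted_keys == sorted(sorted_keys), "node keys must be sorted"
    return [encrypt_value(key, k) for k in sorted_keys]


def untrusted_lookup(hw: SecureHardware, enc_vector: list[bytes], enc_search_key: bytes) -> int:
    """Untrusted side: ships ciphertexts in, gets a position back, never sees a key."""
    return hw.lookup(enc_search_key, enc_vector)


def tamper_is_detected(hw: SecureHardware, enc_vector: list[bytes], enc_search_key: bytes) -> bool:
    """Untrusted module flips one byte of the middle entry (the first one compared);
    the trusted side must refuse rather than search on a forged key."""
    bad = list(enc_vector)
    blob = bytearray(bad[len(bad) // 2])
    blob[NONCE_LEN] ^= 0x01
    bad[len(bad) // 2] = bytes(blob)
    try:
        hw.lookup(enc_search_key, bad)
        return False
    except ValueError:
        return True


def demo() -> dict:
    """Constructed sample: one node with seven separator keys, four probes."""
    key = secrets.token_bytes(32)
    enc_vector = build_encrypted_node(key, [10, 20, 30, 40, 50, 60, 70])
    hw = SecureHardware(key)
    positions = {}
    for s in (5, 35, 70, 80):
        pos = untrusted_lookup(hw, enc_vector, encrypt_value(key, s))
        positions[s] = (pos, len(hw.decrypted_positions))  # (position, entries decrypted)
    return {"positions": positions,
            "tamper_detected": tamper_is_detected(hw, enc_vector, encrypt_value(key, 35))}
```

Running `demo()` gives position 3 for search key 35 (three node keys are smaller), 0 for 5, 6 for 70 and 7 for 80, and in each case exactly three of the seven entries were decrypted. Two properties of this design are worth keeping in mind when deploying it. The returned position is itself information: it tells the untrusted DBMS the rank of the search key among the node's keys, which is exactly what it needs to descend the tree and also exactly what an observer of the host learns per lookup. And because which entries are decrypted depends on the search key, a host that can watch the trusted side's memory accesses (for instance when the vector is read from host memory on demand rather than copied in whole) learns the same comparison path even though every entry stays encrypted.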
Specification