[mfrager]

The biggest technical hurdle for this type of database right now is index lookup. Since the nodes on the indexes are encrypted the client/server requires a round trip for every binary tree index level that needs to be traversed. This makes what is usually one of the fastest database operations into a slow one.

[mwilkison]

This is indeed true for our standalone, open source database (https://github.com/zerodb/zerodb).

However, it is not the case for our Hadoop scheme (nor our future support for structured database). In these cases, there is no round-tripping required. In fact, it's significantly more performant than existing Transparent Data Encryption in Hadoop, from both a latency and key rotation perspective.

We'll likely release a paper describing this new scheme later in the year as well as publish at some conferences.

[atmosx]

That will be a very interesting read.

[njkanjsd]

Having worked on a similar product and heard a very similar description of the 'proprietary' method, I'm guessing either security, speed or both are actually compromised.

[michwill]

There are many proprietary methods which are based on deterministic encryption + obfuscating word distribution, that's what most companies do.

We avoid doing that because of questionable security of such method. Also we tend to publish what we do (stay tuned for Hadoop paper :-)