Hi David,
yes, what we are working on could be referenced as "encrypted database
service".
Thanks for your insights. We will continue to work on this topic!
Kind regards
Matthias
On 10/21/2011 02:31 AM, David Jeske wrote:
If I understand you correctly, you are saying that you will never have
the encryption key, but that some third-party will. Given this
description, the design space you are in has nothing to do with
Cassandra-per-se. Cassandra, like any sorted-order storage, will keep
data in the order of a key that it can read. A database can't keep data
sorted in an order that it unknown to it.
I get the idea you are trying to provide "encrypted database services"
to third-parties, and that you are trying to give them sorted-order
retrieval. This is a "hard problem". The only two options I see were
detailed in my previous explanation.
1) require the client/third-party expose some non-encrypted data, which
can be used for sorting. Leave it up to them how they can generate data
useful for sorting which does not compromise security. (previously
described as option a)
2) Use some bleeding-edge research order-preserving encryption
algorithm. (Also, don't compress the sort-key.) If the encrypted form
sorts in the same order as the unencrypted form, then any database can
store the encrypted key as if it was normal data and keep the data in
proper sorted-order. (some extra work would be required for composite
keys) (previously described as option c)
I hope that helps.. Good luck!
