An open-source, end-to-end encrypted database protocol

You need to become a Contributor to join the discussion.
MacLane Wilkison
MacLane WilkisonMaker@maclanewilkison · NuCypher
ZeroDB, an end-to-end encrypted database, is open source! We're excited to release ZeroDB, an end-to-end encrypted database, to the world. ZeroDB makes it easy to develop applications with strong security and privacy guarantees by enabling applications to query encrypted data. zerodb repo: zerodb-server repo: Documentation: Now that it's open source, we want your help to make it better. Try it, build awesome things with it, break it. Then tell us about it. We're releasing a Python implementation today and a JavaScript client will be following soon. For a quick rundown on how it works, check here:
Jean Lucas
Jean Lucas@aleattorium · Brazilian, Product Designer, Developer.
Congrats on the awesome piece of software, can we say it's a "zero knowledge" infrastructure software for my project?
MacLane Wilkison
MacLane WilkisonMaker@maclanewilkison · NuCypher
@aleattorium Strictly speaking, the server can observe access patterns (i.e., which encrypted blobs are accessed), so it would be more correct to say we are end-to-end encrypted. In practice, many people (spideroak, for instance) claim zero knowledge despite leaking access patterns. However, we're examining integrating ORAM technology into ZeroDB, which would hide even access patterns from the server.
svetlyak40wt@svetlyak40wt · Founder of
How does it build indexes if it knows nothing about the data?
MacLane Wilkison
MacLane WilkisonMaker@maclanewilkison · NuCypher
@svetlyak40wt Indexes are built client-side when data is generated. Then both the index and data are encrypted and sent to the database server.
Yaron Guez
Yaron Guez@yaronguez · Chief Software Architect, Crypteron
Very cool! This is similar to what we've built at Crypteron. Our approach, however, is to leave the data where it currently resides, be it public cloud, on-premises, or hybrid cloud, and perform the encryption at the application layer using our developer integrations in C# and Java. This reduces the circle of trust to just the application itself making compliance and auditing much simpler. We take care of key management including secure key distribution, key caching, key rotation, data migration from one key to another, multiple security partitions, and access control rules. We just launched a free Community Edition as well!