An open-source, end-to-end encrypted database protocol
5 years ago
Would you recommend this product?
No reviews yet
ZeroDB, an end-to-end encrypted database, is open source! We're excited to release ZeroDB, an end-to-end encrypted database, to the world. ZeroDB makes it easy to develop applications with strong security and privacy guarantees by enabling applications to query encrypted data. zerodb repo:
Brazilian, Product Designer, Developer.
Congrats on the awesome piece of software, can we say it's a "zero knowledge" infrastructure software for my project?
Strictly speaking, the server can observe access patterns (i.e., which encrypted blobs are accessed), so it would be more correct to say we are end-to-end encrypted. In practice, many people (spideroak, for instance) claim zero knowledge despite leaking access patterns. However, we're examining integrating ORAM technology into ZeroDB, which would hide even access patterns from the server.
Founder of AllMyChanges.com
How does it build indexes if it knows nothing about the data?
Indexes are built client-side when data is generated. Then both the index and data are encrypted and sent to the database server.
Chief Software Architect, Crypteron
Very cool! This is similar to what we've built at Crypteron. Our approach, however, is to leave the data where it currently resides, be it public cloud, on-premises, or hybrid cloud, and perform the encryption at the application layer using our developer integrations in C# and Java. This reduces the circle of trust to just the application itself making compliance and auditing much simpler. We take care of key management including secure key distribution, key caching, key rotation, data migration from one key to another, multiple security partitions, and access control rules. We just launched a free Community Edition as well!