Secure Multi-party Computation in Databases
(This topic is going to be co-supervised by Bernardo Machado David [http://www.bmdavid.com/])
Database systems managing private data may leak sensitive information when queries are executed in the clear, even if the data itself is encrypted. A recent line of research has looked into combining database engines supporting standard SQL queries with techniques for secure Multiparty Computation (MPC), which allow both queries and data to be handled privately. In these hybrid systems, not only is the data protected, but the queries made by legitimate users are also kept private even from the database engine itself (and consequently from the systems executing this engine). In such databases, it is important to optimize the queries and the database engine in order to minimize the use of expensive MPC computation while allowing for seamless integration with systems that use standard SQL without being aware of the underlying privacy techniques.
In this project, we will investigate more efficient constructions for privacy-preserving databases combining state-of-the-art MPC techniques and database query optimizations. On the one hand, we will look into current MPC techniques that best fit this database application with minimal overhead. On the other hand, we will develop systems-level optimizations for integrating database engines with the MPC component used for processing queries in such a way that MPC usage is kept to a minimum. Throughout the project, both lines of research will be carried out hand-in-hand in order to ensure that both the database and MPC components are designed (and implemented) in an optimal way.