References & Citations
Computer Science > Cryptography and Security
Title: BigFoot: Exploiting and Mitigating Leakage in Encrypted Write-Ahead Logs
(Submitted on 17 Nov 2021 (v1), last revised 29 Nov 2021 (this version, v2))
Abstract: Modern databases and data-warehousing systems separate query processing and durable storage. Storage systems have idiosyncratic bugs and security vulnerabilities, thus attacks that compromise only storage are a realistic threat. In this paper, we show that encryption alone is not sufficient to protect databases from compromised storage. Using MongoDB WiredTiger as a concrete example, we demonstrate that sizes of encrypted writes to a durable write-ahead log can reveal sensitive information about the inputs and activities of MongoDB applications. We then design, implement, and evaluate BigFoot, a WAL modification that mitigates size leakage.
Submission history
From: Jialing Pei [view email][v1] Wed, 17 Nov 2021 20:14:31 GMT (4558kb,D)
[v2] Mon, 29 Nov 2021 04:35:14 GMT (4556kb,D)
Link back to: arXiv, form interface, contact.