Securing the Cloud with Client-Side Encryption: Benefits and Challenges

Ionic Encrypted Search (IonES)

Outsourcing data to the cloud is often cheaper, more dependable, and more convenient than in-house solutions, but it also comes with risk. Standard encryption protects against some threats but is not effective in the face of total cloud compromise. Client-side encryption is a much more secure alternative; however, it breaks key business processes like search. Today’s services expect access to plaintext client data in order to work properly, and client-side encryption simply gets in the way. The service cannot find documents matching a query if it can’t decrypt them.

This document, written by Professor David Cash, University of Chicago, discusses practical techniques to enable server-side search on encrypted data without the pitfalls of other proposed partial solutions. We call this Ionic Encrypted Search, or IonES, which combines strong security with true practicality.

To read more and sign up to participate in the IonES private beta release, please read the blog introducing IonES.