FHE-SQL: Fully Homomorphic Encrypted SQL Database

• URL: http://arxiv.org/abs/2510.15413v1
• Date: Fri, 17 Oct 2025 08:07:27 GMT
• Title: FHE-SQL: Fully Homomorphic Encrypted SQL Database
• Authors: Po-Yu Tseng, Po-Chu Hsu, Shih-Wei Liao,
• Abstract summary: FHE- is a privacy-preserving database system that enables secure query processing on encrypted data.<n>Unlike property-preserving systems such as CryptDB, FHE- performs computations entirely under encryption.
• Score: 0.09176056742068811
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: FHE-SQL is a privacy-preserving database system that enables secure query processing on encrypted data using Fully Homomorphic Encryption (FHE), providing privacy guaranties where an untrusted server can execute encrypted queries without learning either the query contents or the underlying data. Unlike property-preserving encryption-based systems such as CryptDB, which rely on deterministic or order-preserving encryption and are vulnerable to frequency, order, and equality-pattern inference attacks, FHE-SQL performs computations entirely under encryption, eliminating these leakage channels. Compared to trusted-hardware approaches such as TrustedDB, which depend on a hardware security module and thus inherit its trust and side-channel limitations, our design achieves end-to-end cryptographic protection without requiring trusted execution environments. In contrast to high-performance FHE-based engines-Hermes, which target specialized workloads such as vector search, FHE-SQL supports general SQL query semantics with schema-aware, type-safe definitions suitable for relational data management. FHE-SQL mitigates the high cost of ciphertext space by using an indirection architecture that separates metadata in RocksDB from large ciphertexts in blob storage. It supports oblivious selection via homomorphic boolean masks, multi-tier caching, and garbage collection, with security proven under the Universal Composability framework.

Related papers

• NSHEDB: Noise-Sensitive Homomorphic Encrypted Database Query Engine [5.1414137771359565]
  Homomorphic encryption (HE) enables computations directly on encrypted data, offering strong cryptographic guarantees for secure and privacy-preserving data storage and query execution.<n>Despite its theoretical power, practical adoption of HE in database systems remains limited due to extreme cipher-text expansion, memory overhead, and the computational cost of bootstrapping.<n>NSHEDB is a secure query processing engine designed to address these challenges at the system architecture level.
  arXiv  Detail & Related papers  (2026-02-27T18:41:10Z)
• Secure Semantic Communication With Homomorphic Encryption [52.5344514499035]
  This paper explores the feasibility of applying homomorphic encryption to SemCom.<n>We propose a task-oriented SemCom scheme secured through homomorphic encryption.
  arXiv  Detail & Related papers  (2025-01-17T13:26:14Z)
• Hades: Homomorphic Augmented Decryption for Efficient Symbol-comparison -- A Database's Perspective [1.3824176915623292]
  This paper introduces HADES, a novel cryptographic framework that enables efficient and secure comparisons on encrypted data.<n>Based on the Ring Learning with Errors (RLWE) problem, HADES provides CPA-security and incorporates perturbation-aware encryption to mitigate frequency-analysis attacks.
  arXiv  Detail & Related papers  (2024-12-28T02:47:14Z)
• HOPE: Homomorphic Order-Preserving Encryption for Outsourced Databases -- A Stateless Approach [1.1701842638497677]
  Homomorphic OPE (HOPE) is a new OPE scheme that eliminates client-side storage and avoids additional client-server interaction during query execution. We provide a formal cryptographic analysis of HOPE, proving its security under the widely accepted IND-OCPA model.
  arXiv  Detail & Related papers  (2024-11-26T00:38:46Z)
• Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
  We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss. We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query. We also design and implement a ciphertext index compatible with native cost model and querys to accelerate query processing.
  arXiv  Detail & Related papers  (2024-04-10T08:11:12Z)
• The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
  Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server. This paper studies a new and practical security risk to DSSE, namely, secret key compromise. We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
  arXiv  Detail & Related papers  (2024-03-22T09:21:47Z)
• CodeChameleon: Personalized Encryption Framework for Jailbreaking Large Language Models [49.60006012946767]
  We propose CodeChameleon, a novel jailbreak framework based on personalized encryption tactics. We conduct extensive experiments on 7 Large Language Models, achieving state-of-the-art average Attack Success Rate (ASR) Remarkably, our method achieves an 86.6% ASR on GPT-4-1106.
  arXiv  Detail & Related papers  (2024-02-26T16:35:59Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• Blind Evaluation Framework for Fully Homomorphic Encryption and Privacy-Preserving Machine Learning [0.0]
  Blind Evaluation Framework (BEF) is a cryptographically secure programming framework. It enables blind, but correct, execution of programming logic without Interactive Rounds of Decryption and Evaluation (IRDE) This is the first framework to enable both training and inference of machine learning models with FHE without decryption rounds.
  arXiv  Detail & Related papers  (2023-10-19T20:33:02Z)
• DiCE -- A Data Encryption Proxy for the Cloud [0.0]
  There are concerns about the confidentiality and security of the outsourced data. The DiCE' driver parses queries as a proxy and encrypts these queries. This allows to execute many queries on an encrypted database in the cloud with the relational performance as on unencrypted databases.
  arXiv  Detail & Related papers  (2023-10-09T13:33:59Z)
• SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
  We propose SOCI+ which significantly improves the performance of SOCI. SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive. Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
  arXiv  Detail & Related papers  (2023-09-27T05:19:32Z)
• Publicly-Verifiable Deletion via Target-Collapsing Functions [81.13800728941818]
  We show that targetcollapsing enables publiclyverifiable deletion (PVD) We build on this framework to obtain a variety of primitives supporting publiclyverifiable deletion from weak cryptographic assumptions.
  arXiv  Detail & Related papers  (2023-03-15T15:00:20Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.