SoylentNews

The Mighty Buzzard writes:

From the fine folks over at net-security.org comes this interesting announcement [net-security.org]:

ZeroDB, an end-to-end encrypted database whose release was announced earlier this year, is now open source [github.com].

Developers MacLane Wilkison and Michael Egorov changed the license from proprietary to AGPLv3 on Monday, and invited [zerodb.io] the public to use it: "Try it, build awesome things with it, break it. Then tell us about it."

ZeroDB is based on the eponymous protocol that allows end-to-end encrypted queries, which in turn allows encrypted data to be stored on untrusted servers (e.g. in a public cloud).

The data on the server is always encrypted, at rest, in transit, and in use.

"In ZeroDB, the client is responsible for the database logic. Data encryption, decryption and compression also happen client side. Therefore, the server never has any knowledge about the data, its structure or order," it is explained in the documentation [zerodb.io].

"Since the server has no insight into the nature of the data, the risk of a server-side data breach is eliminated. Even if attackers successfully infiltrate the server, they won't have access to the cleartext data," the developers pointed out [zerodb.io].

No, NCommander, we don't need to switch databases twice in a year. Wait till 2016 at least.

Original Submission