A Scalable Private Time Series Data Store

The first practical TSDB to support both computation over encrypted time series data and
fine-grained cryptographic access control on queries.

Recent years have seen explosive growth in devices and services that automatically collect, aggregate, and analyze time series data, and this trend is only expected to accelerate with the proliferation of low-cost sensors and the adoption of IoT. However, with this growth has come mounting concern over protecting this data and the privacy of users. A key challenge in ensuring data privacy is that the need for privacy co-exists with the desire to extract value from the data and extracting value often implies granting users and third-party services access to the data.

The System

TimeCrypt is the first system that augments time series data stores with efficient and privacy-preserving processing of time series data, while providing cryptographic means to restrict the query scope based on the data owners policies. Particularly, we introduce a new encryption-based access control scheme that is additively homomorphic. TimeCrypt is tailored for time series workloads, supports fast statistical queries over large volumes of encrypted time series data, and enables users to cryptographically restrict the scope of queries and data access based on pre-defined access policies.

Example queries over encrypted raw time series data in TimeCrypt

  • What was my heart rate in one hour granularity over the last month?
  • How many steps have I done since Tuesday?
  • What was the average and variance of the energy consumption in my household over the last year?
  • Did the server in rack one exceed 70 percent CPU utilization yesterday?

Examples of access restrictions in TimeCrypt

  • Alice is allowed to query my sleep measurements in July.
  • Bob is allowed to query my heart rate from last year but only in one hour granularity.

In TimeCrypt only encrypted data is stored on the remote server, yet without losing the analytics functionality on the client side.

Scalability for Time Series Workloads

To handle the heavy write load of time series workloads, TimeCrypt batches data in fixed time windows on the client side. The client encrypts and complements the chunk with statistical metadata. TimeCrypt's client engine encrypts the metadata with a Homomorphic Encryption-based Access Control (HEAC) scheme. HEAC is a new efficient encryption scheme, which allows for encrypted data processing and access control simultaneously.

To overcome the challenge of handling low-latency statistical queries over millions of datapoints, TimeCrypt employs an encrypted aggregation index on the server side with the metadata as its building blocks.


TimeCrypt: A Scalable Private Time Series Data Store.
Lukas Burkhalter, Hossein Shafagh, Anwar Hithnawi, Sylvia Ratnasamy
In ArXiv, arXiv:1811.03457 [cs.CR], November 2018

TimeCrypt Code

Coming Soon.


card image

Lukas Burkhalter

Ph.D. Student @ ETH

Lukas Burkhalter

Lukas Burkhalter is a Ph.D. candidate and research assistant at the Distributed Systems Group at ETH Zurich.

card image

Hossein Shafagh

Researcher @ ETH

Hossein Shafagh

Hossein Shafagh is a researcher at the Distributed Systems Group at ETH Zurich.

card image

Anwar Hithnawi

Researcher @ UCB

Anwar Hithnawi

Anwar Hithnawi is a researcher at the NetSys Lab at UC Berkeley, USA.

card image

Sylvia Ratnasamy

Professor @ UCB

Sylvia Ratnasamy

Sylvia Ratnasamy is an Associate Professor at the NetSys Lab at UC Berkeley, USA.