Ph.D. Student @ ETH
Recent years have seen explosive growth in devices and services that automatically collect, aggregate, and analyze time series data, and this trend is only expected to accelerate with the proliferation of low-cost sensors and the adoption of IoT. However, with this growth has come mounting concern over protecting this data and the privacy of users. A key challenge in ensuring data privacy is that the need for privacy co-exists with the desire to extract value from the data, and extracting value often implies granting users and third-party services access to the data.
TimeCrypt is the first system that augments time series data stores with efficient and privacy-preserving processing of time series data, while providing cryptographic means to restrict the query scope based on the data owner's policies. In particular, we introduce a new encryption-based access control scheme that is additively homomorphic. TimeCrypt is tailored for time series workloads, supports fast statistical queries over large volumes of encrypted time series data, and enables users to cryptographically restrict the scope of queries and data access based on pre-defined access policies.
Example queries over encrypted raw time series data in TimeCrypt
Examples of access restrictions in TimeCrypt
To handle the heavy write load of time series workloads, TimeCrypt batches data in fixed time windows on the client side. The client encrypts each chunk and complements it with statistical metadata. TimeCrypt's client engine encrypts the metadata with a Homomorphic Encryption-based Access Control (HEAC) scheme. HEAC is a new, efficient encryption scheme that allows for encrypted data processing and access control simultaneously.
To overcome the challenge of handling low-latency statistical queries over millions of datapoints, TimeCrypt employs an encrypted aggregation index on the server side with the metadata as its building blocks.
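As an added illustration of the client/server split described above (not TimeCrypt's own code, and not its actual HEAC construction), the following Python sketch uses a simple additively homomorphic pad scheme: each time window's statistics are masked with a PRF-derived pad, the server sums ciphertexts for a query range without any key, and a user can only decrypt ranges for which the data owner handed out the summed pads. HMAC-SHA256 as the PRF, the 64-bit modulus, and the sensor readings are all constructed assumptions.

```python
import hmac
import hashlib
from typing import Dict, List

MOD = 2**64  # ciphertexts live in Z_(2^64); additions wrap around (illustrative choice)
STATS = ("count", "sum")  # statistical metadata kept per chunk, enough for range sums and means

def slot_key(master: bytes, slot: int, stat: str) -> int:
    """Pseudorandom pad for one (time window, statistic) pair. HMAC-SHA256 stands in as the PRF."""
    msg = slot.to_bytes(8, "big") + stat.encode()
    return int.from_bytes(hmac.new(master, msg, hashlib.sha256).digest()[:8], "big")

def encrypt_chunk(master: bytes, slot: int, values: List[int]) -> Dict[str, int]:
    """Client side: batch one fixed time window, derive its statistics, mask each with its pad."""
    meta = {"count": len(values), "sum": sum(values)}
    return {s: (meta[s] + slot_key(master, slot, s)) % MOD for s in STATS}

def range_aggregate(index: List[Dict[str, int]], start: int, end: int) -> Dict[str, int]:
    """Server side: add the ciphertexts of windows [start, end) with no key material at all."""
    return {s: sum(index[t][s] for t in range(start, end)) % MOD for s in STATS}

def range_token(master: bytes, start: int, end: int) -> Dict[str, int]:
    """Data owner: grant access to exactly [start, end) by releasing the summed pads of that range."""
    return {s: sum(slot_key(master, t, s) for t in range(start, end)) % MOD for s in STATS}

def decrypt_aggregate(agg: Dict[str, int], token: Dict[str, int]) -> Dict[str, int]:
    """User side: the token cancels the pads only if it covers precisely the queried range."""
    return {s: (agg[s] - token[s]) % MOD for s in STATS}

def demo():
    master = b"constructed-master-key"  # constructed; a real deployment derives this per stream
    readings = [[10, 12, 11], [20, 22], [30, 31, 29, 30], [5]]  # constructed samples, 4 windows
    index = [encrypt_chunk(master, t, vals) for t, vals in enumerate(readings)]  # leaf level
    token = range_token(master, 0, 3)  # this user may query windows 0, 1, 2 only
    in_scope = decrypt_aggregate(range_aggregate(index, 0, 3), token)      # count 9, sum 195
    out_of_scope = decrypt_aggregate(range_aggregate(index, 0, 4), token)  # window 3 not covered
    return in_scope, out_of_scope

if __name__ == "__main__":
    ok, bad = demo()
    print("in-scope mean:", ok["sum"] / ok["count"], "| out-of-scope decryption:", bad)
```

The out-of-scope query still aggregates on the server, but without the pad for window 3 the result is indistinguishable from random, which is the property the page refers to as cryptographically restricting the query scope.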
Ph.D. Student @ ETH
Researcher @ ETH
Researcher @ UCB