Sommelier DB

Open source DB with public-key searchable encryption: discerning encrypted data without knowing the contents, just like a sommelier!

Overview of Sommelier DB

Sommelier DB is an open source DB library combining SQLite and public-key searchable encryption (PKSE). In addition to the existing SQLite features, it provides the following PKSE functions:

  1. A new SQL function to test a keyword encryption of the PKSE scheme.
  2. C and Rust functions to generate a keyword encryption and a trapdoor of the PKSE scheme.

The above functions allow users to have the database (DB) server search for appropriate records in the DB without revealing their search criteria. For more detail about Sommelier DB, see here.

Overview of Sommelier Drive

Sommelier Drive is a remote file system developed as the first application of Sommelier DB. Its stored files and their file paths are encrypted with the public key of the legitimate user who has read permission for the file. Therefore, neither users without that read permission nor the administrator of the server hosting the file system can learn what files exist or where they are located. Furthermore, legitimate users can generate trapdoors using their private keys, allowing the server to search for the appropriate file without revealing the search criteria.

This is a demo movie of the glibc client for Sommelier Drive!

Its detailed specifications are available here.

Disclaimer

DO NOT USE THIS LIBRARY IN PRODUCTION. It is still under development and has known and unknown bugs and security flaws.

Acknowledgments

The logo illustration for Sommelier DB was provided by Kirari Suegami in 2022.