Title :
On the Difficulty of Securing Web Applications Using CryptDB
Author :
Akin, Ihsan H. ; Sunar, Berk
Author_Institution :
Dept. of Electr. & Comput. Eng., Worcester Polytech. Inst., Worcester, MA, USA
Abstract :
CryptDB (CD) has been proposed as a practical and secure middleware to protect databases deployed on semi-honest cloud servers. While CD provides sufficient protection under Threat-1, here we demonstrate that when CD is deployed to secure the cloud-hosted database of a realistic Web application, an attacker with access to the database or a Malicious Database Administrator (mDBA) can easily steal information, and even escalate his privilege to become the administrator of the Web application. Our attacks fall under a restricted form of Threat-2, where we only assume that the attacker or the mDBA tampers with the CD-protected database and opens an ordinary user account through the Web application. Our attacks are carried out assuming perfectly secure proxy and application servers. Therefore, the attacks work without recovering the master key residing on the proxy server. At the root of the attack lies the lack of any integrity checks for the data in the CD database. We propose a number of practical countermeasures to mitigate attacks targeting the integrity of the CD database. We also demonstrate that data integrity alone is not sufficient to protect the database once query integrity and frequency attacks are considered.
Keywords :
cloud computing; cryptography; data integrity; data protection; query processing; CryptDB protected database; Threat-1 protection; Threat-2 protection; Web application security; attack mitigation; cloud hosted database; data integrity; database protection; frequency attacks; information stealing; mDBA; malicious database administrator; middleware; ordinary user account; perfectly secure application servers; perfectly secure proxy servers; query integrity; realistic Web application; semihonest cloud servers; Databases; Encryption; Protocols; Servers; Software; CryptDB; database integrity; frequency attacks; query integrity;
Conference_Title :
Big Data and Cloud Computing (BdCloud), 2014 IEEE Fourth International Conference on
Conference_Location :
Sydney, NSW
DOI :
10.1109/BDCloud.2014.75