This is a summary of the paper “ENKI: Access Control for Encrypted Query Processing” by Hang et al. (SIGMOD 2015). All the information is based on my understanding of the paper and may contain inaccuracies.
ENKI allows the execution of SQL queries over encrypted data. It is based on CryptDB and uses the same model of layered encryption. The authors claim that this is the first work that supports queries over data encrypted with different keys.
The implementation adds user-defined functions to an SAP HANA database, and the results of the experiments using the TPC-C benchmark show an average overhead of 36.98% for two users, increasing modestly for more complex scenarios.
The contributions include an attribute-based access control scheme enforced by encryption. In addition, the authors introduce different techniques to support relational operations in multi-user mode: query rewriting; privacy-preserving models for join, set difference and count distinct; and a post-processing phase on the client.
ENKI assumes passive attackers, and does not protect against active ones. Furthermore, it does not cover attacks against clients.
The finest granularity for access control is at tuple level. As is the case with CryptDB, the last encryption layer for items uses deterministic encryption.
A successful attack against the application can reveal the keys of logged-in users, but offline users are not affected in this case.
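To make the combination of tuple-level keys, a deterministic last layer and query rewriting concrete, here is a simplified sketch added for this summary; it is not code from the paper or from ENKI. It assumes HMAC-SHA256 equality tokens as a stand-in for deterministic encryption, and the group names, keys and rows are constructed.

```python
import hashlib
import hmac
import sqlite3

def det_token(key: bytes, value: str) -> str:
    """Deterministic equality token: same key and value always give the same token.
    Assumption: HMAC-SHA256 stands in for a deterministic encryption layer."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()

# Constructed access groups, keys and memberships (hypothetical names).
KEYS = {"g_alice": b"k-alice-only", "g_shared": b"k-alice-bob", "g_bob": b"k-bob-only"}
USER_GROUPS = {"alice": ["g_alice", "g_shared"], "bob": ["g_bob", "g_shared"]}

# Constructed rows: (access group, city). Each tuple is protected under one group key.
ROWS = [("g_alice", "Berlin"), ("g_alice", "Berlin"), ("g_shared", "Berlin"),
        ("g_bob", "Berlin"), ("g_bob", "Paris")]

def build_server_db() -> sqlite3.Connection:
    """What the untrusted server stores: tokens only, never plaintext or keys."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE t (id INTEGER PRIMARY KEY, city_det TEXT)")
    db.executemany("INSERT INTO t (city_det) VALUES (?)",
                   [(det_token(KEYS[g], city),) for g, city in ROWS])
    return db

def rewrite_equality(user: str, value: str):
    """Rewrite `WHERE city = value` into one token per key the user holds."""
    tokens = [det_token(KEYS[g], value) for g in USER_GROUPS[user]]
    marks = ",".join("?" * len(tokens))
    return f"SELECT id FROM t WHERE city_det IN ({marks}) ORDER BY id", tokens

def query(db: sqlite3.Connection, user: str, value: str):
    """Run the rewritten query; rows under keys the user lacks can never match."""
    sql, params = rewrite_equality(user, value)
    return [row[0] for row in db.execute(sql, params)]

def server_view_histogram(db: sqlite3.Connection):
    """Passive server view: how often each stored token repeats."""
    return sorted(n for (n,) in db.execute("SELECT COUNT(*) FROM t GROUP BY city_det"))

if __name__ == "__main__":
    db = build_server_db()
    print("alice, Berlin:", query(db, "alice", "Berlin"))
    print("bob, Berlin:  ", query(db, "bob", "Berlin"))
    print("token repeats seen by server:", server_view_histogram(db))
```

The same plaintext yields a different token under each key, so a single-token predicate would miss rows the user is entitled to see, while repeats within one key remain visible to a passive server.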
I made a presentation about ENKI containing more details and examples, and made it available on SlideShare: