Which file should I look up for detailed implementation of encrypted sql operations?

[X1anWang]

Hi, I want to know how I can get a better understanding of EdgelessDB implementation details and especially know the answers to the following questions:

1. what kind of encryption tools is used for data encryption?
2. are all operations executed straightforwardly in enclaves? From what I understood, the enclave has limited memory and it could be very slow.
3. is there any special algorithm designed for certain operators, e.g. select, join, etc. for better execution performance?

I tried to read between lines to get the answer but the status quo is the files I looked up are mostly config or compile files, or header file. My knowledge storage cannot even help me locate the correct related files.

[thomasten]

Hi,
We plan to write about this (#73 (comment)), but there's no ETA yet.

But I can give you brief answers:

1. The authenticated encryption (AES-GCM) is implemented in https://github.com/edgelesssys/edgeless-rocksdb. You may look at the commit history to see the changes.
2. Yes, it runs entirely in the enclave. On recent Intel CPUs (Icelake), the memory limitation is gone.
3. No, we didn't modify the SQL layer. Crypto is implemented at the storage layer.

Hope this helps.