Some encrypted databases aren't secure, finds Microsoft study

There's more bad news regarding the security of healthcare data, according to a study from Microsoft.

Many types of databases used for EHRs are vulnerable to leaking protected information, regardless of their encryption status. Researchers found that sensitive information, including sex, age, race, hospital admission information and other medical data, could be accessed and stolen using four types of cyberattacks.

In an experiment with encrypted databases operating in a steady state, in which enough encryption layers had been peeled to allow applications to run queries, the study authors found the attacks could correctly recover order-preserving encrypted attributes for more than 80 percent of the patient records from 95 percent of the 200 hospitals included in the study. Certain attributes under deterministic encryption could be recovered for more than 60 percent of patient records.

The authors suggested that while the amount of recoverable data described in the study is already considerable, it should be viewed as the lower bound on what could potentially be extracted. “The first reason is that the attacks only make use of leakage from the [encrypted database] and do not exploit the considerable amount of leakage that occurs from the queries to the [encrypted database],” they wrote. “The second reason is that our attacks do not even target the weakest encryption schemes used in these systems (e.g., the schemes used to support equi- and range-joins).”

Not surprisingly, the researchers conclude that the types of encrypted database systems they studied and found vulnerable to attack should not be used for storing medical information.

Read the complete study.

Beth Walsh, Editor

