End-to-end encrypted database ZeroDB is now open source

ZeroDB, an end-to-end encrypted database whose release was announced earlier this year, is now open source.

Developers MacLane Wilkison and Michael Egorov changed the license from proprietary to AGPLv3 on Monday, and invited the public to use it: “Try it, build awesome things with it, break it. Then tell us about it.”

ZeroDB is based on the eponymous protocol that allows end-to-end encrypted queries, which in turn allows encrypted data to be stored on untrusted servers (e.g. in a public cloud).

The data on the server is always encrypted, at rest, in transit, and in use.

“In ZeroDB, the client is responsible for the database logic. Data encryption, decryption and compression also happen client side. Therefore, the server never has any knowledge about the data, its structure or order,” it is explained in the documentation.

“Since the server has no insight into the nature of the data, the risk of a server-side data breach is eliminated. Even if attackers successfully infiltrate the server, they won’t have access to the cleartext data,” the developers pointed out.

ZeroDB deals with encrypted data which can be searched, sorted, and queries without being decrypted, and shared with third parties.

The developers believe it to be ideal for SaaS and cloud service providers, but also for companies in the financial services industry, healthcare industry, government agencies, media companies and telecoms.

The developers published a Python implementation on Monday, and promised that a JavaScript client will be released soon.