> With E2EE, all the server can do is hand you encrypted blobs.
Encrypted search is a thing. You need to know in advance what kind of queries you want to do against your DB, but there are off-the-shelf solutions for encrypted search which do not involve homomorphic encryption. Here's an overview: https://www.cossacklabs.com/blog/secure-search-over-encrypte...
The top-level comment should at least acknowledge that it's possible. We shouldn't just put up our hands and say "it"s impossible/impractical to have E2EE data without overloading our clients", we should be pushing companies to prioritize research into techniques like encrypted search, so that the "future" can come sooner
I mean it’s like Crypto enthusiasts claiming their coins are green because they can theoretically run on renewables, when the reality is that the majority of miners use fossil fuel sources, and either way the energy is wasted.
Similarly, unless we desire E2EE for everything, it’s both algorithmically and computationally more feasible to stick to centralised unencrypted formats.
Encrypted search is a thing. You need to know in advance what kind of queries you want to do against your DB, but there are off-the-shelf solutions for encrypted search which do not involve homomorphic encryption. Here's an overview: https://www.cossacklabs.com/blog/secure-search-over-encrypte...