Frequently Asked Questions

What is OpenSSE?

OpenSSE is an Open Source implementation of single-keyword searchable encryption schemes in C and C++. It is mainly targeted at research purpose but might try to reach production-level quality.

Who developped OpenSSE?

For the moment, the project has been mainly developed by Raphael Bost, with some code originating from Mario Cornejo, Jeremy Maitin-Shepard, Ian Miers, Samuel Neves, Intel, mbedTLS

How is OpenSSE licensed and why?

Most of the code of OpenSSE is licensed under the Affero General Public License. The AGPL is a stronger version of the GPL which enforces the provision of the complete (modified) source code when it is used for service over a network. This license has been chosen to ensure that the current and future users of OpenSSE will always have access to the source code when using it, even through a server. Some other parts of the code (especially some primitive implementations in the cryptographic toolkit) are released under a different license, such as the Apache 2.0 License, the Intel Open Software License, or even under public domain. Look at the READMEs of the different components of the project for further details.

Can I use OpenSSE in production?

NO, absolutely not! For the moment OpenSSE is a research project. The code, and in particular the cryptographic toolkit lacks good C/C++ security practice, and it has never been externally reviewed. Do not use OpenSSE in practice with sensitive data.