This work addresses the severe performance bottlenecks in existing confidential computing-based secure databases operating in untrusted cloud environments, which stem from frequent synchronization of cryptographic operations. To overcome this limitation, the authors propose FEDB, a novel confidential database architecture that introduces a password-free mapping mechanism to decouple encryption from query execution. By maintaining data-agnostic identifiers within the database and securely mapping them back to plaintext secrets within a trusted domain, FEDB effectively removes encryption operations from the critical query path. Experimental evaluation on industry-standard benchmarks, including TPC-C and TPC-H, demonstrates that FEDB reduces runtime overhead by up to 78× compared to prior approaches, substantially alleviating both computational and memory bottlenecks.

Confidential databases (CDBs) are essential for enabling secure queries over sensitive data in untrusted cloud environments using confidential computing hardware. While adoption is growing, widespread deployment is hindered by high performance overhead from frequent synchronous cryptographic operations, which causes significant computational and memory bottlenecks. We present FEDB, a novel CDB design that removes cryptographic operations from the critical path. FEDB leverages crypto-free mappings, which maintain data-independent identifiers within the database while securely mapping them to plaintext secrets in a trusted domain. This paradigm shift reduces the runtime overhead by up to 78.0 times on industry-standard benchmarks including TPC-C and TPC-H.