Solution · TorusDB

TorusDB

The encrypted data platform. Store, query, and serve data that is never decrypted. Not at rest, not in transit, not even in use.

Request Demo
Deployment Fit

Built to run where encryption usually can’t.

Not an FHE that does everything. Just what a database actually needs, on air-gapped CPUs, today.

Standard CPUs only

No GPU or TPU cluster required. It drops straight into the air-gapped networks of banks, government, and electronics makers where GPU-based encryption can’t go.

No schema changes

Column types are preserved and no ALTER TABLE is needed. It applies instantly to existing Oracle, MSSQL, SAP HANA, PostgreSQL, and MySQL.

Real-time core DB ops

Comparison (WHERE) and aggregation (SUM) are the operations databases lean on most. They run on ciphertext in microseconds.

Example at a glance
torusdb · 4chains
SELECT id, name, ssn FROM customers WHERE risk_score > 0.8;
1042enc
1043enc
1044enc
computed on ciphertext▸ 1.13 ms · never decrypted

The problem it solves

Today

Data has to be decrypted to be used. So every query, analytics job, and breach becomes a moment of plaintext exposure for attackers and insiders.

With TorusDB

Store and query data that is never decrypted. The plaintext-exposure window simply doesn't exist, at rest, in transit, or in use.

Encrypted across the entire lifecycle

Queries run directly on ciphertext, so there is no moment of plaintext exposure for an attacker, or an insider, to exploit.

Tweezer encryption: only what matters

Apply encryption like tweezers, to just the highest-risk columns (national ID, account number, transaction memo). Keep your DB architecture and isolate the data that carries the risk.

Fits your existing data stack

Works alongside the systems of record you already run, so teams adopt privacy-preserving data without re-platforming.

How TorusDB works

Encryption stays on the data through its whole life, from the moment it's written to the moment a result is read.

1

Encrypt at the source

Sensitive columns are encrypted before they ever land, so plaintext never touches storage.

2

Store as ciphertext

Data sits encrypted at rest, and keys are never pooled in one place to steal.

3

Query on ciphertext

SQL runs directly on encrypted data: filtered, joined, and aggregated without decryption.

4

Return encrypted results

Only the entitled client decrypts, at the edge. The platform never sees plaintext.

Wondering if this fits your environment?

Take 15 minutes with a security engineer, against your real workload.

Talk to an expert

Frequently asked

Quick answers about this product.

We don't claim quantum resistance as a mathematical property of the cipher itself. Instead, TorusDB's No-Key architecture removes what a quantum attack would target: no public, evaluation, or secret key ever lives on the server, so there is nothing there for a Shor-style attack to derive. The server's view is designed to be information-theoretically independent of the plaintext, so even a quantum adversary has no key to break and no readable data to take. For quantum-resistant signing and authentication, PrivID adds a lattice-based layer (CRYSTALS-Dilithium, the NIST FIPS 204 standard) on top.

Yes. Homomorphically encrypted data doesn't reveal the size, order, or distribution of the plaintext, so a plain B-tree index no longer applies. TorusDB instead provides a token-based Secure Index that filters quickly while data stays as ciphertext, and uses parallelism to accelerate heavy queries.

Throughput scales with core count and parallelism, from single-core encryption to multi-node pipelines, and is tuned to your environment. Concrete figures for environments like ERP and SAP HANA are measured and shared through a PoC.

No. The team running analysis holds neither the plaintext nor a decryption key. Statistics, aggregation, conditional search, and segmentation run on ciphertext, and results are produced as ciphertext by default. When a final decryption is genuinely required, no individual holds the key alone. It's handled selectively via threshold key sharing / MPC / policy-based approval.

Column-level keys, role-based access, and a KMS are security policies: they govern who may access data. Homomorphic encryption is a compute technology that runs operations on ciphertext without decrypting it. They aren't competitors but complements. TorusDB's goal is to run statistics, aggregation, matching, and analysis without ever exposing plaintext.

See TorusDB on your data.

Bring a real workload. We'll show queries running on encrypted data.