2025-10-09, Krakow / Business Value & Enterprise Adoption
Today’s “RAG” (Retrieval‑Augmented Generation) systems rely on vector databases, yet the vectors they store are fully invertible: with only the embedding you can reconstruct the original confidential text. In a live demo we will show how a few dozen lines of Python extract embeddings from an off‑the‑shelf ChromaDB instance and recreate sensitive source documents, then contrast this with the same workload running on CyborgDB, the first end‑to‑end‑encrypted vector database, where the inversion attack is impossible.
The talk opens by quantifying the privacy gap that stalls 46 % of AI pilots in regulated industries. We dissect the attack surface of plaintext embeddings, illustrate a successful extraction + inversion attack, and measure how often real‑world deployments leak data. We then deep‑dive into the cryptographic design of CyborgDB (which uses OpenSSL). Benchmarks show only 15 % latency overhead versus plaintext search and 7× throughput uplift on GPU accelerators, making encrypted retrieval practical for production workloads. Audience members will leave with working open‑source code, Docker images, and clear architectural patterns for plugging confidential vector search into any OpenSSL‑based stack.
Why this matters to the OpenSSL community
Enterprises are finally comfortable running inference inside TEEs or over TLS‑protected channels, yet the moment they persist embeddings in a vector store they break the chain of confidentiality. The security boundary therefore collapses at the exact point where OpenSSL normally delivers its strongest guarantees. This session shows how to extend those guarantees all the way through vector similarity search—without sacrificing recall or latency. 
Session flow
1. Setting the stage (5 min)
2. Anatomy of an embedding‑inversion attack (10 min)
   Live demo: query a public ChromaDB instance, dump vector columns, and reconstruct PHI/PCI text using a published inversion model. Attendees see the plaintext leak in real time.
3. Design requirements for a confidential vector DB (5 min)
4. Cryptographic deep dive (12 min)
5. Performance & scalability results (5 min)
6. Integration patterns & code walk‑through (3 min)
   Drop‑in wrapper: pip install cyborgdb-service; schema identical to pgvector/HNSWLib. Repo link: cyborginc/vectordb-inversion-demo.
7. Road‑map & Q/A (5 min)
   Open problems: post‑quantum search tokens, homomorphic similarity metrics, etc.
Audience take‑aways
• A reproducible attack toolkit to evaluate their own vector stores.
• A production‑ready open‑source reference implementation of encrypted similarity search that compiles against stock OpenSSL.
• Architectural patterns for combining TEEs, KMS, and TLS to achieve end‑to‑end Confidential AI.
Prerequisites
Attendees should be comfortable with basic cryptography (symmetric encryption, key exchange) and have some familiarity with vector search or RAG pipelines. Code examples are in Python and Rust.
Nicolas Dupont is the Founder and CEO of Cyborg, a company pioneering Confidential AI. Their main product, CyborgDB, is an end-to-end encrypted vector database (which uses OpenSSL primitives) to make Confidential AI inference a reality.