maria-developers team mailing list archive

[Elmar Eperiesi-Beck <elmar@xxxxxxxxxxxxxxxx>]

Thank you for your feedback - 

What we want to achieve is, that the encryption key is stored outside the database. But you are right – if an attacker has access to the key and the encrypted value, he is able to decrypt the content.

That means you have to store the key file in a place, where the attacker with system privileges is unable to access it. But the DB-Process must be able to have access at startup time.

We have enhanced the concept with the possibility to enter the key manually during the startup phase if a keyfile does not exist.

Or you use an external encryption/decryption server that does all the encryption/decryption operation in the key server and does not transfer any key. Than an attacker has to steal the database and the key server and have the access credentials to both...


Am 17.06.2014 um 18:49 schrieb Roberto Spadim <roberto@xxxxxxxxxxxxx>:

> well, for a first version, i think it's nice :)
> maybe more information about the key server should be nice
> about key file...  if the attacker know the file and contents, he/she could decrypt the table/column?
> 
> 
> 2014-06-17 13:40 GMT-03:00 Elmar Eperiesi-Beck <elmar@xxxxxxxxxxxxxxxx>:
> Hi,
> I agree with you. If we want to know, what Google has developed as encryption feature, we will have to wait for your source code to be published.
> 
> In the meantime, you can find our concept for the encryption on our website: http://bit.ly/1slJyuI
> Feedback (negative and positive) from all of you is welcome - and needed!
> 
> Best Regards
> Elmar
>