Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Database encryption #4019

Closed
wants to merge 5 commits into from
Closed

Database encryption #4019

wants to merge 5 commits into from

Conversation

rnewson
Copy link
Member

@rnewson rnewson commented May 10, 2022

No description provided.

@rnewson rnewson changed the title Native encryption Database encryption May 11, 2022
@rnewson rnewson force-pushed the aegis_3.x branch 4 times, most recently from a092f4a to 70b1773 Compare May 23, 2022 14:18
@rnewson
Database Encryption Support
cffbb1d 
CouchDB can optionally encrypt databases and views.

We use AES in Counter Mode, which ensures we can encrypt and decrypt
any section of the file without padding or alignment. The ciphertext
is the same length as the plaintext. This mode provides
confidentiality but not authentication.

Key management is configurable, a system administrator can write a
module implementing the aegis_key_manager behaviour with any
implementation. CouchDB ships with an implementation that stores keys
in the config file as an example, but this is not suitable for
production.
@rnewson rnewson force-pushed the aegis_3.x branch 7 times, most recently from cfd8903 to 1e92b3e Compare May 23, 2022 17:41
@rnewson rnewson force-pushed the aegis_3.x branch 2 times, most recently from b5ec5ac to 7b38d57 Compare May 23, 2022 22:10
@rnewson rnewson closed this Jun 13, 2022
@rnewson rnewson deleted the aegis_3.x branch June 13, 2022 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@rnewson