Encryption Techniques
Last updated
Was this helpful?
Last updated
Was this helpful?
In simple words, the encryption techniques range from good-enough, more-than-enough to overkills. The choice of the encryption technique will decide the complexity and features supported to handle the encrypted data.
(good-enough) - The primary advantage of keeping it deterministic is so that we can support equality search on the encrypted data. Here we are stuck with a single active encryption key per tenant.
(more-than-enough) - If we are not constrained to keep the encryption deterministic, then we could also support thousands of active encryption keys per tenant to introduce more randomness to the data. With this, we cannot support equality search on the encrypted data.
Both of the above techniques have been implemented as part of the DIGIT Encryption Service. The links to the implementations are attached above.