1

I want to AES-GCM some user data that I‘m going to persist in a database. I‘m wondering if I should encrypt individual columns (all with an individual IV ofc) or JSON stringify the sensitive data and then encrypt the whole dataset.

Despite the problem that I need more database space for storing additional IVs, I feel like encrypting individual columns leaks some information about the length of the unencrypted data. Is this an actual Problem or am I being too anxious here?

lenny.myr
  • 111
  • 1
  • Usually, the length is not a concern, if it is, one can predict the max size of their data and apply the padding to all. I've advising you to use AES-GCM-SIV mode to eliminate the (IV,key)-reuse problem. Encryption columns or whole is depending on your queries and performance. See CryptDB for enabling query on the encrypted data and be aware there can be some attacks like frequency or due to lack of integrity. – kelalaka Oct 19 '22 at 15:36
  • Thank you for your reply. AES-GSM-SIV sounds like a good solution. I wasn't aware of that. Actually I think about querying all the data which belongs to the current user and send it to the client and do filtering there as there won't be too many records. – lenny.myr Oct 19 '22 at 20:02
  • With SIV mode you may use the same key on user's login name to query the row, the rest can be encrypted with different keys and the decryption can be split with string tools... However, that all can change according to your needs. The devil in details – kelalaka Oct 19 '22 at 20:06

0 Answers0