Score:1

Should I encrypt individual columns or all data?


I want to AES-GCM some user data that I'm going to persist in a database. I'm wondering if I should encrypt individual columns (all with an individual IV ofc) or JSON stringify the sensitive data and then encrypt the whole dataset.

Despite the problem that I need more database space for storing additional IVs, I feel like encrypting individual columns leaks some information about the length of the unencrypted data. Is this an actual problem or am I being too anxious here?

kelalaka
Usually, the length is not a concern; if it is, one can predict the max size of their data and apply the padding to all. I'm advising you to use AES-GCM-SIV mode to eliminate the (IV,key)-reuse problem. Encrypting columns or the whole depends on your queries and performance. See CryptDB for enabling queries on the encrypted data, and be aware there can be some attacks like [frequency](https://crypto.stackexchange.com/q/74786/18298) or due to lack of integrity.
lenny.myr
Thank you for your reply. AES-GCM-SIV sounds like a good solution. I wasn't aware of that. Actually, I am thinking about querying all the data which belongs to the current user, sending it to the client and doing the filtering there, as there won't be too many records.
kelalaka
With SIV mode you may use the same key on the user's login name to query the row; the rest can be encrypted with different keys and the decryption can be split with string tools... However, that all can change according to your needs. The devil is in the details.
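Added example, not part of the original thread: per-column AES-256-GCM in Node.js, showing that ciphertext length equals plaintext length unless each value is padded to a fixed size, as the first comment suggests. The function names, `PAD_TO`, the `diagnosis` column, the sample rows and the row/column AAD binding are assumptions made for illustration; plain GCM with a random IV per value is used here rather than GCM-SIV.

```javascript
const crypto = require("node:crypto");

const KEY = crypto.randomBytes(32); // constructed demo key; real keys come from a KMS
const PAD_TO = 64;                  // assumed maximum plaintext size per column, in bytes

// Length-prefix the value and zero-pad it so every plaintext has the same size.
function pad(buf, size) {
  if (buf.length > size - 2) throw new RangeError("value exceeds padded size");
  const out = Buffer.alloc(size);
  out.writeUInt16BE(buf.length, 0);
  buf.copy(out, 2);
  return out;
}
function unpad(buf) {
  return buf.subarray(2, 2 + buf.readUInt16BE(0));
}

// Encrypt one column value. The AAD binds the ciphertext to its row and column,
// so a value copied into another cell fails authentication.
function encryptColumn(key, rowId, column, value, padTo = 0) {
  const iv = crypto.randomBytes(12); // fresh 96-bit IV for every value
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(`${rowId}:${column}`));
  const pt = Buffer.from(value, "utf8");
  const ct = Buffer.concat([cipher.update(padTo ? pad(pt, padTo) : pt), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function decryptColumn(key, rowId, column, { iv, ct, tag }, padded = false) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, iv);
  d.setAAD(Buffer.from(`${rowId}:${column}`));
  d.setAuthTag(tag);
  const pt = Buffer.concat([d.update(ct), d.final()]); // throws on tag or AAD mismatch
  return (padded ? unpad(pt) : pt).toString("utf8");
}

// Constructed sample rows.
const rows = [
  { id: 1, diagnosis: "flu" },
  { id: 2, diagnosis: "type 2 diabetes mellitus" },
];
function ciphertextLengths(padTo) {
  return rows.map((r) => encryptColumn(KEY, r.id, "diagnosis", r.diagnosis, padTo).ct.length);
}
console.log("unpadded:", ciphertextLengths(0));      // mirrors the plaintext lengths
console.log("padded:  ", ciphertextLengths(PAD_TO)); // same length for every row
```

Encrypting the whole JSON-stringified record hides per-field lengths but still reveals the total length, so the same padding step applies there if that matters.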