[aerogear-dev] Querying encrypted data
Bruno Oliveira
bruno at abstractj.org
Mon Oct 14 16:09:47 EDT 2013
I would say the idea #3 looks interesting and if not possible our
fallback could be idea #1.
> Summers Pittman <mailto:supittma at redhat.com>
> October 14, 2013 4:47 PM
> One of the things that came up while discussing offline secure storage
> on Android was how to query encrypted data.
>
> The first ideas that I could think of were:
>
> 1) Load encrypted files/data/databases into memory, decrypt them, query
> them, return results and GC the decrypted data.
>
> 2) magical phonetic encryption
>
> 3) Include queryable decrypted metadata along with encrypted payloads.
> The payloads will not be queryable and only be decrypted if metadata
> matches the query.
>
> #1 has some benefits (easy to implement across platforms, doesn't
> require a lot of work) and some draw backs (large datasets would eat
> into available memory, whole dataset would be vulnerable to a VM attack).
>
> #2 is a placeholder for better ideas.
>
> #3 is interesting because it is a middle of the road approach. One of
> the options for implementation I thought of would be to annotate fields
> in the VO being stored as "privledged" and they would be the only ones
> encrypted/decrypted when an object is stored or loaded.
>
> wdyt?
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
abstractj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/aerogear-dev/attachments/20131014/c9fee644/attachment.bin
More information about the aerogear-dev
mailing list