
We've got a web app that needs to store sensitive data entered by the user. Currently we're exploring PostgreSQL in AWS. I'm aware of pgcrypto and that we can hash the contents of certain columns (as not everything needs to be encrypted). However, we need to also be able to search through these columns and perform sorting. These two seem to be limitations once we encrypt the data.

What are my choices at the moment if we must also support sorting and searching? Keeping in mind that the solution must also be performant.

strangetimes

1 Answer


You don't want to encrypt specific columns; what you want to do is encrypt the filesystem that the database is written to, and any backups of your database that you make. AWS offers facilities for doing both of those (RDS encrypted resources and S3 server-side encryption), or you can do it yourself by using LVM volumes that are mounted using ecryptfs.

You fundamentally cannot search or sort an encrypted column without decrypting the contents. If your encryption is effective then any sorting or indexing process will see it as gibberish and if it's not effective then why are you bothering with it?

The other consideration you should be taking into account is the threat model and risk models associated with your data. If you are dealing with certain classes of data you will need to manage your exposure by following mandated security protocols: HIPAA for medical information, PCI DSS for payment information. Detailed guides for implementing those protocols are available, and if you are covered by one of them, follow it.

Encryption and data protection are not areas in which you should be creative; they are hard to get right and will bite you hard if you get them wrong.

Larry
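The following is an added example, not code from the question or from Larry's answer, that shows the answer's point concretely on PostgreSQL with pgcrypto: a column encrypted with pgp_sym_encrypt cannot be sorted or searched without decrypting every row, and the "hash the column" idea from the question buys an indexed exact-match lookup and nothing more. The table, column and key names are invented for the demonstration, and the passphrase and HMAC key are passed as literals only to keep the script self-contained; in a real deployment they would be held by the application or a KMS, never in the database.

```sql
-- Added example (not from the question or the answer): why an encrypted
-- column cannot be indexed, sorted or searched in PostgreSQL/pgcrypto.
-- Table, column and key names below are invented for this demonstration.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE patient (
    id         serial PRIMARY KEY,
    surname_ct bytea NOT NULL,   -- pgp_sym_encrypt() output: fresh random salt/session key per call
    surname_h  bytea NOT NULL    -- HMAC of the plaintext: exact-match lookup only
);

-- Demo-only literals; a real key lives in the application or a KMS, not in SQL.
INSERT INTO patient (surname_ct, surname_h)
SELECT pgp_sym_encrypt(s, 'demo-passphrase'),
       hmac(s, 'demo-hmac-key', 'sha256')
FROM unnest(ARRAY['Adams', 'Baker', 'Clark', 'Adams']) AS s;

-- 1. Sorting by the ciphertext is meaningless: each row was encrypted with a
--    fresh random salt and session key, so the order has nothing to do with
--    the plaintext, and the two 'Adams' rows do not even sort next to each other.
SELECT id, surname_ct FROM patient ORDER BY surname_ct;

-- 2. Sorting by the decrypted value works, but every row must be decrypted
--    first (Seq Scan followed by Sort). No index on surname_ct can help.
EXPLAIN (COSTS OFF)
SELECT pgp_sym_decrypt(surname_ct, 'demo-passphrase') AS surname
FROM patient
ORDER BY surname;

-- 3. A WHERE clause on the decrypted value is likewise a full table scan.
EXPLAIN (COSTS OFF)
SELECT id FROM patient
WHERE pgp_sym_decrypt(surname_ct, 'demo-passphrase') = 'Adams';

-- 4. The HMAC column is the "hash the column" approach from the question.
--    It supports an indexed equality lookup, but not ORDER BY, LIKE or range
--    queries, and it reveals which rows share a plaintext (both 'Adams' rows
--    carry the same surname_h value).
CREATE INDEX patient_surname_h_idx ON patient (surname_h);
SELECT id FROM patient
WHERE surname_h = hmac('Adams', 'demo-hmac-key', 'sha256');
```

Run it with psql against a scratch database. The two EXPLAIN outputs show a Seq Scan on patient, because the planner has to call pgp_sym_decrypt on every row before it can compare or order anything; the last query is the only one that can use an index, and only because the HMAC is deterministic, which is exactly the property that makes it leak equality between rows.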