db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5503) Measure the performance degradation incurred by encrypting Derby databases
Date Wed, 16 Nov 2011 19:18:52 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13151437#comment-13151437

Rick Hillegas commented on DERBY-5503:

Thanks, Mike. The silent switch to async writes would be a scary consequence of using one
of these encrypted file systems.

One vulnerability of using Derby encryption is that the encryption only occurs at the file
level. So for instance, a system table keeps its seg0 filename regardless of whether you encrypt
the database. If a given unencrypted system table is known to begin with a certain pattern
of bytes, this gives an attacker some useful information in cracking the cipher.
> Measure the performance degradation incurred by encrypting Derby databases
> --------------------------------------------------------------------------
>                 Key: DERBY-5503
>                 URL: https://issues.apache.org/jira/browse/DERBY-5503
>             Project: Derby
>          Issue Type: Task
>          Components: Store
>    Affects Versions:
>            Reporter: Rick Hillegas
> It would be good to measure the performance degradation incurred by Derby's encryption.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message