http://ayende.comAyende @ RahienCopyright (C) Ayende Rahien 2004 - 2021 (c) 202660There are actually a lot of use cases where this kind of encryption totally makes sense. Think about your country's intelligence agencies as an example.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment10http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment10Fri, 10 Aug 2012 22:03:27 GMTIan, You can't always use encrypted file system, some SAN do not support it, for example. And there are often regulations that require something beyond that. In particular, just using encryption at the file system level doesn't protect you from having the clear text in the backup.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment9http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment9Thu, 09 Aug 2012 07:54:31 GMTDisclaimer: Everything I know about RavenDB is from this blog - I admit I haven't actually used the product... In that light this may seem silly but had you looked at using something like EFS encryption built into NTFS for this purpose? I guess this would work well for the server product where you could run the service under a dedicated service account but it would be unworkable (or at least difficult) for anything embedded. I also don't know about guaranteed writes to the file system under EFS and whether or not they're affected, and if so, if that would upset RavenDB or make it less reliable.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment8http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment8Thu, 09 Aug 2012 01:28:02 GMTAyende, I certainly see applications for this kind of security.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment7http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment7Tue, 07 Aug 2012 16:40:12 GMTEd, There is a major difference between authentication / authorization, which is deciding who can reach the database and what data they can read and this feature. This is meant to ensure that you can comply with various regulations that require that you'll never have clear text data at rest. That is, if someone steals the hard drive, they don't get to do anything with it.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment6http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment6Tue, 07 Aug 2012 14:19:08 GMTSounds great. But if I understand this correctly: this is a security feature in order to protect the database files yes? Does this mean I still can acces the data via the studio? or does it need the key to show the data.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment5http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment5Tue, 07 Aug 2012 10:45:55 GMT@configurator - that's awesome!http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment4http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment4Tue, 07 Aug 2012 09:57:31 GMTOh, I didn't know this blog uses markdown. Imagine that bullet point was just a star.http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment3http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment3Tue, 07 Aug 2012 09:49:07 GMTThis is important: if you use this bundle, backup your keys. They will not be backed up together with the rest of the database. Back them up, or your database backup is completely worthless. Phillip: in most cases, encryption is faster than I/O. I didn't notice a major difference when working on the encryption bundle*, and I did quite a bit of testing with and without it - generally ran a 15-minute test suite on it, and it took roughly the same time, although I didn't do any real performance testing. * Well, an old version did have a 30x slowdown factor, but that was fixed. It was probably a teeny tiny bit more secure (paranoid-level security), but slow enough to actually fail to read documents with a timeout...http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment2http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment2Tue, 07 Aug 2012 09:48:31 GMTDoes this kill indexing performance? I would assume RavenDB needs to decrypt each document in order to index it, then encrypt the index information correct? That process must be slow?http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment1http://ayende.com/157473/awesome-ravendb-feature-of-the-day-encryption#comment1Tue, 07 Aug 2012 09:23:38 GMT