Subject | Re: [firebird-support] Encrypt tables |
---|---|
Author | Andrew Lowe |
Post date | 2010-11-21T02:57:31Z |
On 11/21/10 09:47, Doug Chamberlin wrote:
> On 11/20/2010 8:26 PM, W O wrote:
>> Do you know if Firebird provides a native way to encrypt tables or fields?
>>
>> I know there is no such thing in version 1.5 but it would be very good to have
>> it. Has it been added to newer versions?
>
> No, it is not included in any version of Firebird. There has been a
> recent discussion in the firebird-architect list and it looks like it
> may be worked on soon but only time will tell.
>
Long time lurker raising his head here.
My understanding from previous discussions when people have asked this
question is that the db should not be doing the encryption, the
application should. This obviously indicates a client/server/web config
and not an app using the db as a local datastore.
The thinking behind this was that if you have the db encrypt the data,
then the data has to get from its source, a terminal/over the internet,
in plain text before it's encrypted and therefore can be snooped on in
some way, and possibly changed. Having the app encrypt the data means
that the moment the data leaves the generating machine on its way to the
db, it's protected.
I could be wrong on this, so take my comment with a grain of salt until
someone else either confirms/denies these statements.
Back to lurking now :)
Andrew
p.s. Also wouldn't the encryption add an additional load to the db?
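
The application-side approach described in the message above, shown as an added example that is not part of the original thread: the client encrypts a field before it leaves the machine and detects modification when reading it back. AES-256-GCM through Node's built-in crypto module is a choice made for this example; the table and column names, the key handling and the sample value are hypothetical.

```javascript
const crypto = require('crypto');

// AAD ties a ciphertext to one table/column/row, so it cannot be moved elsewhere.
function aadFor(table, column, rowId) {
  return Buffer.from(JSON.stringify([table, column, String(rowId)]), 'utf8');
}

// Encrypt on the client, before the value is sent to the database server.
// Output layout: 12-byte nonce || 16-byte GCM tag || ciphertext, base64-encoded.
function encryptField(key, table, column, rowId, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every value
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aadFor(table, column, rowId));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

// Decrypt on the client after reading the column back; throws if the value
// was altered in transit or at rest, or belongs to a different row/column.
function decryptField(key, table, column, rowId, stored) {
  const raw = Buffer.from(stored, 'base64');
  if (raw.length < 28) throw new Error('stored value too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAAD(aadFor(table, column, rowId));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// True when decryption refuses the stored value.
function isRejected(key, table, column, rowId, stored) {
  try { decryptField(key, table, column, rowId, stored); return false; }
  catch (err) { return true; }
}

// Simulates modification on the wire or in the database file: flips one bit.
function flipLastBit(stored) {
  const raw = Buffer.from(stored, 'base64');
  raw[raw.length - 1] ^= 0x01;
  return raw.toString('base64');
}

// Constructed demo: hypothetical table/column names and a throwaway key.
const demoKey = crypto.randomBytes(32); // real keys come from a key store
const stored = encryptField(demoKey, 'CUSTOMERS', 'CARD_NO', 42, 'constructed sample value');
console.log('sent to db :', stored);
console.log('read back  :', decryptField(demoKey, 'CUSTOMERS', 'CARD_NO', 42, stored));
console.log('tampered   :', isRejected(demoKey, 'CUSTOMERS', 'CARD_NO', 42, flipLastBit(stored)));
console.log('other row  :', isRejected(demoKey, 'CUSTOMERS', 'CARD_NO', 43, stored));
```

The server stores and returns only the opaque base64 value, so it cannot index or search the column contents.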