[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LMDB encryption support


> I've recently added support for page-level encryption to LMDB 1.x
> using user-supplied callbacks

That does sound cool. :)

> One question is whether we should actually make this pluggable like
> this, or 
> we should just hardcode support for a specific algorithm and leave it
> at that. 

I vote on keeping it pluggable, so every crypograpy nut out there can
use their favourite mechanism.

> One 
> complication is that if the algorithm is actually user-selectable, we
> need to 
> dynamically adjust DB page layouts to accommodate different nonce/IV
> and 
> signature sizes. (Currently MDB_page metadata is a statically
> defined 
> structure. A dynamic size element here will make processing slower.)

What if page size would still be static, but that static size would be
user-defined on a per-environment basis?

Question: will this affect performance on non-encrypted databases?