The solidDB server offers two encryption methods for keeping your database secure: the built-in DES algorithm and the AES-256 algorithm that is provided with the OpenSSL libcrypto library.
If you want to encrypt the database files and log files by using either DES or AES-256 encryption, you must create an encrypted database by using solidDB command-line options.
You can check whether a database is encrypted or not by using the DATABASE_ENCRYPTION_LEVEL system function, see System functions.
Note that using an encrypted database affects the database server performance for both read and write operations:
▪ On read type operations in disk-based tables, performance impact is mostly determined by the cache hit rate and is not significant when the cache hit rate is high. Encryption has no impact on read operations in in-memory tables.
▪ On insert and update operations, the server encrypts and decrypts the log files. The performance penalty can be more significant than with read operations.
DES algorithm
The DES algorithm, which is shipped with solidDB, is based on a symmetric-key algorithm that uses a 56-bit key. To protect the symmetric encryption key, a startup password must be specified when creating, starting, or decrypting an encrypted database.
The solidDB DES algorithm is a single-DES algorithm that is not recommended for applications that require strong security.
AES-256 algorithm
The AES-256 algorithm, which is available if you install the OpenSSL libcrypto library, can be used with the solidDB server to enforce strong database encryption, see Installing and configuring the OpenSSL toolkit.
As with DES encryption, a startup password must be specified when creating, starting, or decrypting an encrypted database.