Aria Encryption Keys


Key management and encryption plugins support using multiple encryption keys. Each encryption key can be defined with a different 32-bit integer as a key identifier.

Aria uses the encryption key with ID 1 to encrypt user-created tables.

If an encryption key with ID 2 exists, Aria uses it to encrypt internal temporary tables. Otherwise, Aria uses the encryption key with ID 1 for them as well.
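As an added example (not part of the MariaDB documentation), the Python check below reads a key file in the file key management plugin's `<id>;<hex key>` format and reports which key ID Aria would use under the rules above. The function names and sample keys are constructed for illustration, and rejecting duplicate IDs is this checker's own policy.

```python
import re

# One entry per line: "<key id>;<hex-encoded key>"; lines starting with "#" are comments.
ENTRY = re.compile(r"^(\d+);([0-9A-Fa-f]+)$")
VALID_HEX_LENGTHS = {32, 48, 64}  # 128-, 192- and 256-bit keys

# Constructed sample key file; the keys are throwaway values, not real secrets.
SAMPLE_KEYFILE = """\
# constructed example
1;00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
2;ffeeddccbbaa99887766554433221100
100;0123456789abcdef0123456789abcdef0123456789abcdef
"""

def parse_keyfile(text):
    """Return {key_id: key_bytes}; raise ValueError on a malformed entry."""
    keys = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = ENTRY.match(line)
        if not match:
            raise ValueError(f"line {lineno}: expected '<id>;<hex key>'")
        key_id, hex_key = int(match.group(1)), match.group(2)
        if key_id >= 2**32:
            raise ValueError(f"line {lineno}: key ID does not fit in 32 bits")
        if len(hex_key) not in VALID_HEX_LENGTHS:
            raise ValueError(f"line {lineno}: key must be 128, 192 or 256 bits")
        if key_id in keys:  # ambiguous, so this checker rejects it
            raise ValueError(f"line {lineno}: duplicate key ID {key_id}")
        keys[key_id] = bytes.fromhex(hex_key)
    return keys

def aria_key_ids(keys):
    """ID 1 for user-created tables; ID 2 for internal temporary tables if present, else ID 1."""
    if 1 not in keys:
        raise ValueError("key ID 1 is missing: Aria has no key for user-created tables")
    return {"user_tables": 1, "internal_temp_tables": 2 if 2 in keys else 1}

if __name__ == "__main__":
    print(aria_key_ids(parse_keyfile(SAMPLE_KEYFILE)))
```

Running the same check against a key file that defines only ID 1 shows the fallback: both table kinds then share one key.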

Key Rotation

When your key management and encryption plugin provides the relevant support, you can automatically rotate and version your encryption keys. For example, the AWS key management plugin supports key rotation, but the file key management plugin does not.

The InnoDB storage engine has background encryption threads that can automatically re-encrypt pages when key rotations occur. The Aria storage engine does not currently have a similar mechanism to re-encrypt pages in the background when key rotations occur.
