MariaDB can encrypt data stored in Aria. This include both Aria tables and Aria on-disk temporary tables. This ensures that your Aria data is only accessible through MariaDB.
For encryption with the InnoDB and XtraDB storage engines, see Encrypting Data for InnoDB/XtraDB.
When working with tables that use the Aria storage engine, you can enable data-at-rest encryption only for those tables that have the
ROW_FORMAT table option set to
PAGE, (which is the default). Encryption is not available on tables where the format is set to
Enabling encryption of Aria tables is done using the
aria_encrypt_tables Aria system variable. When set, all
PAGE formatted tables are encrypted.
# vi /etc/my.cnf [mysqld] ... aria_encrypt_tables = ON
MariaDB then encrypts all tables using the Aria storage engine and the appropriate row format.
Temporary Table Encryption
When using the MEMORY storage engine, MariaDB attempts to store all of your data in memory. The maximum size of table data cannot exceed the value given to the
max_heap_table_size system variable. When it does, MariaDB writes the data to disk as a temporary table using the Aria storage engine.
Encryption for these temporary tables is handled separately, using the
encrypt_tmp_disk_tables server system variable.
# vi /etc/my.cnf [mysqld] ... encrypt_tmp_disk_tables = ON
MariaDB then creates and uses a random encryption key for every new temporary table.