On Thu, 28 Aug 2014 12:54:33 +0200, "Svein Erling Tysvær [email protected] [firebird-support]" <[email protected]> wrote: > At my workplace, we encrypt (or obfuscate) some fields in our programs and > only use Firebird for storage of the field (hence, Firebird knows nothing > about the encryption). One drawback with encryption is that it limits use > of indexes - it may be possible to use an index for exact match, but not > for other things like BETWEEN, >=, LIKE or STARTING. Hence, think twice > before encrypting fields in huge databases.
Depending on the encryption algorithm, indexes might be entirely unusable. With a CBC algorithm and a random IV - which is the right choice - encrypting the same cleartext leads to different ciphertext. Mark
