Security should be responsibility of the application. However let's make it clear that field level encryption is more a "means of" implementing security and herefore an infrastructure functionality that in my opinion Lucene should optionally provide. In the same way relational databases provide options (at a performance cost) to encrypt column values for very sensitive information.
That way, even if the data fell in obscure hands and they know how to read the lucene index, they would not be able to see the values stored with it. Think about credit card numbers for example ;-) That's my two cents. -- Joaquin -----Original Message----- >From negrinv <[EMAIL PROTECTED]> Sent Fri 12/1/2006 1:22 PM To java-dev@lucene.apache.org Subject Re: Attached proposed modifications to Lucene 2.0 to support Field.Store.Encrypted That is a valid consideration Doron, which brings the discussion back to the difference between encrypton and security. I believe that security is an end application responsability, not Lucene's. For instance, is it possible to write the end application so that those stats are hidden from or inaccessible to users? Victor Doron Cohen wrote: > > Robert Engels <[EMAIL PROTECTED]> wrote on 01/12/2006 09:34:12: >> ... decrypting such small payloads .. I think it is also subject to an > easy attack, > > In addition, index statistics are still available, right? So one can know > how many docs, which (encrypted) words appear in which docs and exactly > where, and how often. AFAIK, with a large enough index these statistics > can be useful for cracking the encryption. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Attached-proposed-modifications-to-Lucene-2.0-to-support-Field.Store.Encrypted-tf2727614.html#a7646459 Sent from the Lucene - Java Developer mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
