Just throwing ideas your way in general, If you use the System.Cryptography functions on a word, it _should_ remain the same when you run it a second time. This means you could encrypt each word, then do a search on the encrypted phrase. This way, you'd have a Lucene index of encrypted words.
Then if you are using the Lucene index as the data store as well, you could potentially decrypt each field word by word as well.
We have a program that temporarily stores data on a users computer using System.IO.IsolatedStorage. If you could decrypt the entire Lucene index each time the program starts, you could store it in there and access it (so long as the index isn't overly large so the start-up decrypt doesn't take too long).
If the IsolatedStorage isn't working for a Lucene index you could create a RAM Disk or temporary disk on the drive to store the lucene index while accessing it, you could look at Dokan (dokan-dev.net) (there's a .NET wrapper for this) to create a temporary drive on your computer and decrypt the index into it.
Trevor Watson On 2/25/2010 4:16 PM, Hans Merkl wrote:
Hi, I am working on a desktop app that will use Lucerne as search engine. The app will be installed on the user's machine and the index will be stored on the local hard disk. The data is potentially confidential so I would like to protect the index from unauthorized access. The data needs to be secure even when the user's machine gets stolen. 2 approaches I have come up with so far: - Use Windows NTFS encryption. Should be secure unless the unauthorized person knows how log in as the user that created the index. - Use TrueCrypt. This should be very safe but it requires the installation of TrueCrypt and administrative rights to install the encrypted drive. The application will be distributed to many users so I would like to keep the installation as simple as possible. Does anybody have experience with this scenario? Right now I think the easiest approach would be NTFS encryption. What do you think? Thanks!
