Also, regarding the client side approach, would one be able to do an order by query?
On Thu, 9 Jul 2020 at 21:28, Justvuur <justv...@gmail.com> wrote: > Ahhhh, ok ye, I understand, then I prefer client side. > I just need to sort out the encryption then... I'm not too familiar with > encryption algorithms but at the moment its using a text key from a config > file and the mode is CBC which I guess is what is generating a different > value each time right? > In Mike's example he's using ECB mode which is the default. > What would be the best mode to use for my scenario? A good balance between > secure and performance that works for client side? > > On Thursday, 9 July 2020 20:18:52 UTC+2, Jonathan Vanasco wrote: >> >> >> >> On Thursday, July 9, 2020 at 2:12:36 PM UTC-4, Justvuur wrote: >>> >>> I've done some more digging... It seems when I did the search for >>> "secrets", the text is encrypted and compared to the value in the columns, >>> >> >> That is how client-side encryption works. If you want to search for >> "secrets", you need to use server-side encryption (which depends on the >> database). In those systems, the server will decrypt the column in every >> row when searching - which can be a performance issue. >> >> The thing is this type of comparison wont work, the algorithm generates a >>> different string each encryption for the same string. >>> >> >> What are you using for your encryption key? The key should be >> persistent, and should always generate the same output for a given input. >> In the example from Michael Bayer, a random uuid is used as a placeholder. >> > -- > SQLAlchemy - > The Python SQL Toolkit and Object Relational Mapper > > http://www.sqlalchemy.org/ > > To post example code, please provide an MCVE: Minimal, Complete, and > Verifiable Example. See http://stackoverflow.com/help/mcve for a full > description. > --- > You received this message because you are subscribed to the Google Groups > "sqlalchemy" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to sqlalchemy+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/sqlalchemy/58a78976-3ebe-428b-824f-165b15f61cb4o%40googlegroups.com > <https://groups.google.com/d/msgid/sqlalchemy/58a78976-3ebe-428b-824f-165b15f61cb4o%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- SQLAlchemy - The Python SQL Toolkit and Object Relational Mapper http://www.sqlalchemy.org/ To post example code, please provide an MCVE: Minimal, Complete, and Verifiable Example. See http://stackoverflow.com/help/mcve for a full description. --- You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To unsubscribe from this group and stop receiving emails from it, send an email to sqlalchemy+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sqlalchemy/CAJK07SZwotU64v22pmRJn4SR6aV2cb%2B6U_tKMwJxgG9Pe0cUQA%40mail.gmail.com.