Not in the traditional sense, no. ORDER BY is implemented by the database, and with client-side encryption, the database only ever sees encrypted strings.
Simon On Fri, Jul 10, 2020 at 8:41 AM Justin Van Vuuren <justv...@gmail.com> wrote: > > Also, regarding the client side approach, would one be able to do an order by > query? > > On Thu, 9 Jul 2020 at 21:28, Justvuur <justv...@gmail.com> wrote: >> >> Ahhhh, ok ye, I understand, then I prefer client side. >> I just need to sort out the encryption then... I'm not too familiar with >> encryption algorithms but at the moment its using a text key from a config >> file and the mode is CBC which I guess is what is generating a different >> value each time right? >> In Mike's example he's using ECB mode which is the default. >> What would be the best mode to use for my scenario? A good balance between >> secure and performance that works for client side? >> >> On Thursday, 9 July 2020 20:18:52 UTC+2, Jonathan Vanasco wrote: >>> >>> >>> >>> On Thursday, July 9, 2020 at 2:12:36 PM UTC-4, Justvuur wrote: >>>> >>>> I've done some more digging... It seems when I did the search for >>>> "secrets", the text is encrypted and compared to the value in the columns, >>> >>> >>> That is how client-side encryption works. If you want to search for >>> "secrets", you need to use server-side encryption (which depends on the >>> database). In those systems, the server will decrypt the column in every >>> row when searching - which can be a performance issue. >>> >>>> The thing is this type of comparison wont work, the algorithm generates a >>>> different string each encryption for the same string. >>> >>> >>> What are you using for your encryption key? The key should be persistent, >>> and should always generate the same output for a given input. In the >>> example from Michael Bayer, a random uuid is used as a placeholder. >> >> -- >> SQLAlchemy - >> The Python SQL Toolkit and Object Relational Mapper >> >> http://www.sqlalchemy.org/ >> >> To post example code, please provide an MCVE: Minimal, Complete, and >> Verifiable Example. See http://stackoverflow.com/help/mcve for a full >> description. >> --- >> You received this message because you are subscribed to the Google Groups >> "sqlalchemy" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to sqlalchemy+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/sqlalchemy/58a78976-3ebe-428b-824f-165b15f61cb4o%40googlegroups.com. > > -- > SQLAlchemy - > The Python SQL Toolkit and Object Relational Mapper > > http://www.sqlalchemy.org/ > > To post example code, please provide an MCVE: Minimal, Complete, and > Verifiable Example. See http://stackoverflow.com/help/mcve for a full > description. > --- > You received this message because you are subscribed to the Google Groups > "sqlalchemy" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to sqlalchemy+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/sqlalchemy/CAJK07SZwotU64v22pmRJn4SR6aV2cb%2B6U_tKMwJxgG9Pe0cUQA%40mail.gmail.com. -- SQLAlchemy - The Python SQL Toolkit and Object Relational Mapper http://www.sqlalchemy.org/ To post example code, please provide an MCVE: Minimal, Complete, and Verifiable Example. See http://stackoverflow.com/help/mcve for a full description. --- You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To unsubscribe from this group and stop receiving emails from it, send an email to sqlalchemy+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sqlalchemy/CAFHwexdJquCGHv0B5aAOUgkFBXijxtEM48Fo0YoSFrSOsNo4Zw%40mail.gmail.com.
