paragonie-security
commented
1 year ago There's no built-in mechanism for this, but it's something we can explore in a future release.
Closed AvenueShops closed 1 year ago
paragonie-security
commented
1 year ago There's no built-in mechanism for this, but it's something we can explore in a future release.
paragonie-security
commented
1 year ago After investigating this topic thoroughly, I don't see a safe way to implement this feature request.
Any sort of encrypted database scheme that preserves ordering is likely to leak plaintext values. Until cryptography advancements are made that survive cryptanalysis, we're not going to implement this.
I have not been able to find any discussion of data sorting strategies in the docs or in other discussion and knowledge repositories. The best answer that I have seen so far involves first decrypting the data set, then performing the sort on plaintext. However, not only is that a potential security risk, but its extremely inefficient as the entire data set would need to be stored in memory to then only return a subset of the data back to the user. Is there any way to implement deterministic hashing for purposes of sorting? I have blind indexes on the full values of the fields that I'd like to sort on, but on the surface those hashes don't appear to natively preserve the sort indexing of the data. Thoughts? Any info and ideas are greatly appreciated!