In-depth Percona Server/MySQL Encryption

Thursday 2:55 PM - 3:45 PM

@ Texas 7


50 minutes conference


MySQL, Database Security

1) Keyrings
- General concepts
- what happens when keyring plugin is loaded
- where keys are stored
- troubleshooting
     keyring initialization failures
     taking care of core dumps
- keyring_vault
- how to setup keyring_vault (separation of servers on Vault server)
- list of keys on a server (base64 encoded)
2) How Innodb Master Key encryption internal works:
- where the encryption key is stored
- the relation between Master Key and tablespace's encryption key
- keyring cooperation
- troubleshooting
- keyring uninstallation
3) how key rotation works
4) can table be re-encrypted?
5) Encryption threads
- what are encryption threads
- key rotation
6) binlog encryption:
- Start_encryption_event
- communication between master and slave
- checksum
- mysqlbinlog
- key rotation
- MySQL / PS encryption (8.0.14)


Robert Golebiowski

Robert Golebiowski (Percona)

Software developer


Passionate software developer. Working in MySQL ecosystem since 2014 - now with Percona, previously with Oracle. Working mainly on security features.


  Download Slides  


Please sign in for 15 day access

Connect with Percona

Stay Connected on:

Percona Live Conferences

The Percona Live Open Source Database Conferences are the premier event for the diverse and active open source database community, as well as businesses that develop and use open source database software.

Contact Us

For general information about the event/expo/conference, including registration, please contact us at:

  • info(@)
  • +1-888-401-3401
  • +1-919-948-2863