02/01/2020
FOSDEM 2020
Robert Golebiowski
How is Transparent Data Encryption built in MySQL and Percona Server?
– Keyrings: what are they used for? What is the difference between using a server back-end (keyring_vault) and a file back-end (keyring_file)? How does it affect server startup, and why? Why is per-server separation needed in Vault Server?
– How does Master Key encryption work? How is it built at the page level? How do we know which key we should fetch to decrypt a table? How do we know that the key used is the correct one? How do we make sure that we can decrypt a table when we need to?
– What crypto algorithms are used?
– How does Master Key rotation work? Why is it needed?
– What is KEYRING encryption, and what are encryption threads?
– How does binlog encryption work in 5.7, and how does it work in 8.0?
– How does undo log/redo log encryption work?
How Transparent Data Encryption is Built in MySQL and Percona Server?
In this presentation, we’ll take a deep dive into the world of transparent data encryption for open source databases. We’ll be looking at how transparent data encryption is implemented in MySQL and Percona Server for MySQL:
– Keyrings: what are they used for? What is the difference between using a server back-end (keyring_vault) and a file back-end (keyring_file)? How does it affect server startup, and why? Why is per-server separation needed in Vault Server?
– How does Master Key encryption work? How is it built at the page level? How do we know which key we should fetch to decrypt a table? How do we know that the key used is the correct one? How do we make sure that we can decrypt a table when we need to?
– How does Master Key rotation work? Why is it needed?
By the end of the talk, you’ll have a better understanding of transparent data encryption and will be aware of things to take into account when interacting with encrypted databases in your applications.
