Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for database encryption #13103

Open
J0WI opened this issue Dec 17, 2018 · 6 comments
Open

Add support for database encryption #13103

J0WI opened this issue Dec 17, 2018 · 6 comments
Labels

Comments

@J0WI
Copy link
Contributor

J0WI commented Dec 17, 2018

Is your feature request related to a problem? Please describe.
The NextCloud database contains sensitive/personal data about users. Sensitive data could be leaked due a vulnerability in NextCloud. On most installations, the database is hosted on a third parity infrastructure, that could also leak data.

Describe the solution you'd like
PostgreSQL, MariaDB and MySQL all support symmetric and asymmetric encryption of columns natively.
It would be great to have the ability to optionally encrypt sensitive/personal content of the database.
Similar to the file encryption module, this can be done with a master key and/or user specific keys.
This will make it much harder to steal useful data, because you'd also need all user keys to decrypt the content.

Describe alternatives you've considered
MariaDB does also support database encryption:
https://mariadb.com/resources/blog/table-and-tablespace-encryption-on-mariadb-10-1/
https://mariadb.com/kb/en/library/why-encrypt-mariadb-data/
But this would not protect users if data is leaked due a vulnerability in NextCloud (e.g. SQLI).

@J0WI J0WI added enhancement 0. Needs triage Pending check for reproducibility or if it fits our roadmap feature: encryption (server-side) labels Dec 17, 2018
@tflidd
Copy link
Contributor

tflidd commented Dec 17, 2018

There was a request for the calendar: #5927

@skjnldsv skjnldsv added 1. to develop Accepted and waiting to be taken care of and removed 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Aug 15, 2019
@J0WI
Copy link
Contributor Author

J0WI commented Nov 16, 2019

Nextcloud should probably encrypt the data before sending them to a database: doctrine/orm#1744 (comment)

@intika
Copy link

intika commented Nov 26, 2019

Quote from nextcloud/spreed#1437 (comment)

Or do the encryption to the whole db, and encrypt/decrypt on each call...
I guess that such implementation would implicate adding an interface to manage the db in an un-encrypted manner
Or create a secondary db that would be un-encrypted and it would get generated/deleted with a button on the settings panel. (in the case of a full encrypted db of course)

@blu-IT
Copy link

blu-IT commented Apr 30, 2020

Even SQLite extension does offer database enryption now:

https://www.zetetic.net/sqlcipher/

https://github.com/sqlcipher/sqlcipher

@summersab
Copy link
Contributor

I'm going to pitch in my support for this idea. In conjunction with the following PR, it would be nice to be able to use per-user encryption keys to encrypt private data in the database:
#27929

I tried to write middleware to perform the encryption of JSON data set during PUT and POST requests, but this won't work because the controllers often perform input validation (as they should). I then thought about writing some sort of middleware for Doctrine, but I would have to know which fields to encrypt and which to leave alone. I'm sure there's a way to approach this problem, but I'm not sure how.

Any thoughts? I'd be happy to work on it if someone could provide a little direction.

@rosa2
Copy link

rosa2 commented Jul 26, 2022

I am also interested in this. We have sensible data in the database and would like to encrypt. Thanks a lot :)

@joshtrichards joshtrichards changed the title Add support for database encyrption Add support for database encryption Mar 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

7 participants