This content has been marked as final. Show 3 replies
at any rate try to use one of the AES flavors, DES is old hat, the AES128 is 'cheapest' in terms of performance since computational overhead increases
with key lenght, this is a tradeoff you need to decide based on requirements (the sensitivity of the data), also with AES you may have the chance to
benefit from hardware acceleration in both Intel core and Oracle SPARC processors, please check :
note 1365021.1 How To Benefit From Hardware Acceleration for Tablespace Encryption?
A SALT will also cause more overhead both in computation and storage, since it makes the values that need to be encrypted a bit longer,
Harm ten Napel
Edited by: hnapel on Mar 26, 2013 3:11 AM
Cheapest method here is to use AES128 NO SALT NOMAC (MAC is used to ensure integrity of data, and requires more resources and more storage).
You should use SALT only if you have repeating values in same table, to ensure uniqueness when they are encrypted.
I am simulating the task in our test server (with the same specs are the production server).
I am encrypting a single column in a table. The details are shown below:
Table Name: CUSTOMERS
Column Name: customer_id [ datatype is NUMBER(6) ]
Column Attribute: Primary Key
Table Size: approx 2 GB (not partitioned)
Row count: 30 million
SQL> alter table sales.CUSTOMERS modify ("CUSTOMER_ID" encrypt using 'AES128' NO SALT);
And it took 6 hours to complete!!!
And we have to encrypt a lot of columns. It is not easy to do a Online table redefinition as there are other tables from the same database and other databases who reference the table.
I haven't explored moving the table in an encrypted tablespace but I will try it later.
Any ideas on my first issue? Encryption process is really slow. :(