The encryption plugin is not a feature provided by ZDB, but rather a built-in capability of MariaDB itself.
MariaDB supports both symmetric and asymmetric (one-way) encryption algorithms, and for column- or data-level encryption, it offers various encryption functions:
? MariaDB Documentation – Encryption, Hashing, and Compression Functions
For storage-level (table-level) encryption, MariaDB also supports a variety of algorithms, most of which rely on AES-256, an industry standard.
? MariaDB Documentation – Encryption, Hashing, and Compression Functions
Category | Column Encryption (Column Level) | Block Encryption (Storage Level) | |||
Plug-In | API | Hybrid | TDE | File Encryption | |
| Operation Area | DB Server(Internal) | App(External) | DB&App(In/External) | DB Server (Internal) | DB&OS(Internal) |
| Algorithms | SHA-256/384/512, AES, TDES, SEED, ARIA | SHA-256/384/512, AES, TDES, SEED, ARIA | SHA-256/384/512, AES, TDES, SEED, ARIA | SHA-256/384/512, AES, TDES | SHA-256, AES, TDES, SEED, ARIA |
| DB Server Load | High | Low | Medium | Low | Low |
| Batch Processing | Supported | Supported | Supported | Supported | Supported |
| Application | No source code changes needed | Source code changes required | Source code changes required | No source code changes needed | No source code changes needed |
| Access Control | Identifiable at DB Client connecting to DB | Data identifiable only by users connecting via Application Server | Mixed | Managed by DB internal accounts | Controlled by OS accounts and App-level access |
| Advantages | Slow | Fast | Combines advantages | Encrypts/decrypts for all users | OS 지원여부 확인Depends on OS support |
| Disadvantages | Careful key management required | 소스 수정과 성능 | Careful key management required | Careful key management required | |