§Data-at-Rest Encryption (Enterprise Security)
Transparent AES-256-GCM-SIV encryption for data blocks, WAL entries, and checkpoint files. Uses nonce-misuse-resistant authenticated encryption to prevent catastrophic failures from nonce reuse.
§Design Choices
- AES-256-GCM-SIV: Nonce-misuse resistant, so it stays safe even if nonces are accidentally repeated (unlike plain AES-GCM, where a repeated nonce is catastrophic).
- Per-block random nonces: 12-byte random nonce per encrypt operation.
- Zero-copy where possible: Encrypt in-place for WAL append path.
- Key wrapping: Data Encryption Key (DEK) is wrapped by a Key Encryption Key (KEK) loaded from Kubernetes Secrets or env vars.
§Wire Format
[1 byte: version] [12 bytes: nonce] [N bytes: ciphertext+tag]
Version 1: AES-256-GCM-SIV with 12-byte nonce, 16-byte auth tag appended to ciphertext by the AEAD.
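Framing for the version-1 wire format above, as an added example that is not the crate's own code: it encodes and parses the header and enforces the minimum length a valid block can have, leaving the AES-256-GCM-SIV call itself to an AEAD implementation of the reader's choice. The constants, types and function names are assumptions, not the crate's API.

```rust
// Added example, not the crate's code: header handling for
// [1 byte: version][12 bytes: nonce][N bytes: ciphertext+tag].
// The AEAD step (AES-256-GCM-SIV) is deliberately left out; this only
// shows the framing and the checks a decoder must do before decrypting.

pub const VERSION_1: u8 = 1;
pub const NONCE_LEN: usize = 12;
pub const TAG_LEN: usize = 16;
pub const HEADER_LEN: usize = 1 + NONCE_LEN;

#[derive(Debug, PartialEq)]
pub enum FrameError {
    TooShort(usize),
    UnsupportedVersion(u8),
}

/// A parsed (still encrypted) block: borrowed views into the wire bytes.
#[derive(Debug, PartialEq)]
pub struct Frame<'a> {
    pub nonce: &'a [u8],
    pub ciphertext_and_tag: &'a [u8],
}

/// Build the on-disk bytes for a version-1 block from a fresh random nonce
/// and the AEAD output (ciphertext with the 16-byte tag already appended).
pub fn encode_v1(nonce: &[u8; NONCE_LEN], ciphertext_and_tag: &[u8]) -> Vec<u8> {
    let mut out = Vec::with_capacity(HEADER_LEN + ciphertext_and_tag.len());
    out.push(VERSION_1);
    out.extend_from_slice(nonce);
    out.extend_from_slice(ciphertext_and_tag);
    out
}

/// Parse a block, rejecting unknown versions and anything too short to hold
/// the header plus a full authentication tag. Even an empty plaintext still
/// carries the 16-byte tag, so the minimum valid length is 1 + 12 + 16 = 29.
pub fn decode(wire: &[u8]) -> Result<Frame<'_>, FrameError> {
    if wire.len() < HEADER_LEN + TAG_LEN {
        return Err(FrameError::TooShort(wire.len()));
    }
    if wire[0] != VERSION_1 {
        return Err(FrameError::UnsupportedVersion(wire[0]));
    }
    Ok(Frame {
        nonce: &wire[1..HEADER_LEN],
        ciphertext_and_tag: &wire[HEADER_LEN..],
    })
}
```

The version check runs before any decryption so a future format change cannot be misread as version-1 data; tag verification is still the AEAD's job on the `ciphertext_and_tag` slice.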
§Performance Notes
On x86_64 with AES-NI: ~4 GB/s encryption throughput (hardware-accelerated). The overhead is negligible compared to disk I/O.
Structs§
- EncryptionEngine - Data-at-rest encryption engine.
- EncryptionKey - A wrapper that zeroizes the key material on drop.
Enums§
- EncryptionError - Encryption error types.
Functions§
- generate_key - Generate a new random 256-bit encryption key.