Encrypt tables with Transparent Data Encryption (TDE)
Configure Transparent Data Encryption (TDE) to protect all data in a table, except for the primary key columns. Different tables can use different keys.
HCD supports table encryption with keys you create using |
Two keys are used for table encryption:
-
Local encryption key: Encrypts/decrypts internal table encryption key values. Must be created using
nodetool createsystemkey
. -
Table encryption key: HCD creates a single key entry in the
hcd_system.encrypted_keys
table for each cipher algorithm, key strength, and local encryption key combination that is defined for table encryption.Tables with the same encryption settings use the same encryption key.
Data is encrypted when written to SSTables on disk. Applications can read and write to SSTables that use different encryption algorithms or no encryption at all.