I need to create a database where all the tables are encrypted (I am planning on using HSQLDB) and there are a couple ways I can see doing it but they both have issues. I could encrypt the entire table (in a text table) and then decrypt the entire thing into a memory table. Or I could just encrypt each row of data and decrypt them as I pull them out. The first option doesn't seem feasible to me with a table that consists of several hundred thousand records (am I wrong?) and in a way seems to defeat the purpose of encrypting the db if I'm going to decrypt the entire thing and have it in memory. The second option seems nice at first glance but I don't see how it would be possible to query against (except in the case of say: field1 = encrypt("value") but if you wanted to say something like: field1 > 50). It wouldn't work. Is there a standard way of dealing with this? Are there any tools specifically for doing this? The only way I can conceive of doing this is have an extensive list of non-encrypted indexs.
I've had requirements for passwords to be encrypted but never an entire database.