How to do Redis Data encryption?

database encryption redis redis-cluster
Sreeraj picture Sreeraj · Feb 10, 2016 · Viewed 8.7k times · Source

We can secure the data while its travelling using spiped or stunnel. But How do we do that while the data at rest? What if someone took the whole database? How can we encrypt the persistent data storage? Do we need to do this in application layer?

Answer

user4410678 picture user4410678 · Apr 3, 2017

When looking at the documentation at https://redis.io/topics/security it is clear that encryption of data at rest isn't supported:

Redis is designed to be accessed by trusted clients inside trusted environments. This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket.

And (emphasis mine):

[...] in general, untrusted access to Redis should always be mediated by a layer implementing ACLs, validating user input, and deciding what operations to perform against the Redis instance. In general, Redis is not optimized for maximum security but for maximum performance and simplicity.

Related questions

Android database encryption

Android uses SQLite database to store data, I need to encrypt the SQLite database, how can this be done? I understand that application data is private. However I need to explictly encrypt the SQLite database that my app is using.

Read More
Database column encryption postgres

How to encrypt column in postgres database using pgcrypto addon ? I am using postgres 9.3 and i need to encrypt one of my column , does postgres also support Aes encryption or by any mean i can achieve it ?

Read More
Securly Storing OpenID identifiers and OAuth tokens

I am creating a web app that will use OpenID logins and OAuth tokens with Youtube. I am currently storing the OpenID identity and OAuth token/token secret in plain text in the database. Is it inappropriate to store these …

Read More