Implement encrypted library search
Right now, encrypted libraries cannot be searched. Unsearchable database, however secure, is useless. Scrolling thru 100s of entries is not practical. Having to choose between search capability and encryption is something that shouldn't have to happen. Thanks!
-
Wehmann5 commented
Given that this is marked as completed, why does one get the message "Search the encrypted entries are not supported." upon encrypting a library?
-
Chris H commented
Searching encrypted databases seems fast enough now. Not super fast, but OK. However, there are still some bug(s), which I will report.
-
Chris H commented
It seems that basic searching of encrypted databases is now supported... but it is VERY slow. Some ideas how this could be improved:
1. Is there any way that Memento could cache the decrypted records in memory, so that subsequent searches will be much quicker? (Until Memento is closed of course.)
2. Databases that are only protected by a password (no encryption) should have their backups automatically encrypted. Then I may not feel the need to use full database encryption.
3.Searching encrypted databases would be MUCH faster if ONE of the following was done:
(a) Allow user to limited their search to only particular fields. (Should give a massive speed-up.)(b) If it is difficult for the UI to allow the user to limit searching to particular fields, then a kludge would be for the user to mark certain database fields as always being "don't search"... And then perhaps provide a single extra option to "search all fields" (when they DO occasionally need to search one of the "don't search" fields!).
(c) Allow the user to set some fields as "never encrypted". That way they can prevent large but less-important fields from being encrypted, so searching those fields will be quicker. This is the least desirable solution, but would be better than nothing.
-
Chris H commented
I assume the reason that Memento does not allow searching encrypted databases (libraries) is because it would need to decrypt every entry to do the search, and that would make searching incredibly slow. I have several proposals that would work-around this problem, meaning we could search encrypted databases:
1. ONLY ENCRYPT SOME FIELDS. Typically the fields I want to search are not that important, so I would not care if they were not encrypted. While the fields I *do* want encrypted (say information relevant to data-protection laws) rarely need searching. So let me specify which individual fields I want encrypting.
2. *Backups* of password-protected databases should always be encrypted. This would greatly reduce the need for encrypting the "live" database, since the greatest insecurity is the storing of database backups on an insecure medium (e.g. SD card). Android provides some protection of app data stored in internal memory, which may be enough security for some needs. Possible argument against: Would backups performed by MyBackup Pro still be unencrypted?
3. When performing a search, give the option to "search encrypted data (slow!)". Sometimes we need to search, and don't mind if it takes a long time. So give us the option!
In an ideal world, all 3 solutions would be implemented, so we can choose the best solution for our needs. But even just one of those solutions would be a great improvement over what we have now (i.e. no searching at all).