CipherStash
CipherStash Documentation

Frequently Asked Questions

Does CipherStash work with my database?

CipherStash currently works in PostgreSQL.

We are working to support all major relational databases.

This is the current status of CipherStash database support.

DatabaseStatus
PostgreSQL
MySQL❌ Coming Q3 2023
SQL Server❌ Coming Q4 2023
CockroachDB❌ Coming Q4 2023

Can I use my own keys?

Yes.

On the Free tier you must use a key that CipherStash provides you.

On the Pro and Enterprise tiers you can use your own keys.

How do backups work?

The same way they work for you now.

You can continue using your database’s backup tools, like pg_basebackup or xtrabackup.

CipherStash works by storing encrypted values in your database as binary data. Your backup tools will support backing up binary data, and will work fine with the binary data CipherStash stores in your database.

CipherStash also provides functions to query that encrypted data. You must ensure you database’s backup tool also backs up these functions.

Without these functions, you can restore your data, but you won’t be able to search it.

As always, a backup isn’t considered complete until you have successfully restored it.

How fast is it?

Very fast.

While searchable encryption can have a performance cost, it’s not noticable in most applications.

SQL queries on a CipherStash enhanced database versus an unprotected database.

Performance is a dealbreaker for using searchable encryption. We plan to provide detailed benchmarks, and a downloadable benchmark suite so you can verify our claims for yourself.