Blind Index 1.0

Blind Index 1.0

Blind indexing is an approach to securely search encrypted data with minimal information leakage.

I’m happy to announce that Blind Index 1.0 was just released! Here are the key improvements.

Stronger Algorithm

This release adds support for Argon2id and makes it the default algorithm.

Argon2 is a memory-hard function. You specify the amount of memory required to compute a hash, and if an attacker tries to compute the hash with less memory, it takes significantly more time to compute. This allows it to better resist attacks on specialized hardware like ASICs.

Argon2 is significantly better than PBKDF2 (the previous default), so we recommend upgrading for better security.

Less Keys to Manage

It’s a good practice to use a separate key for each blind index. However, generating, storing, and deploying new keys can be burdensome. Thanks to this key separation method by CipherSweet, this is no longer needed. Instead, you can use a single master key and the library will derive separate keys for each blind index automatically. You no longer have to worry about managing additional secrets.

Better Naming

In earlier versions, blind index columns took the format encrypted_#{name}_bidx. This was done to match the encrypted columns of the attr_encrypted gem. However, this column is a hash rather than encrypted data, so the encrypted_ prefix doesn’t really make sense. It was removed in this release.

Support for Lockbox

This release also adds support for Lockbox, a modern encryption library for Rails.

Summary

Blind Index 1.0 brings a number of improvements, and there’s a smooth path to upgrading with zero downtime.

If you’re not encrypting data today because it makes it impossible to query, check out Blind Index.

Published July 9, 2019


You might also enjoy

Large Text Indexes in Postgres

navigator.sendBeacon and Rails

Git LFS on Heroku


All code examples are public domain.
Use them however you’d like (licensed under CC0).