I want to use the Nitrokey Pro (or HSM) to encrypt data stored in database columns
(eg. name, date of birth) via a public key.
The private key is kept on the Nitrokey device only.
The goal is that the same text in different rows but the same column shall have the same encrypted result even though the rows are not inserted at the same time.
Has somebody done this before and can provide hints how to do this?
The goal is to hide sensitive data (eg. personally identifiable information) even if the database clients (which may have the user right to access many or all data in the database) are attacked eg. via a trojan that is trying to steal the decryption password.
The data is in the columns will grow regulary (= inserts every n times/day).
A big challenge may be the performance (the database is data warehouse with over 100 MB of data in each column).
Edit 07/07/2019: Added the text in bold (“goal”)