Asymetric encryption of database columns (GDPR) / performance

I want to use the Nitrokey Pro (or HSM) to encrypt data stored in database columns
(eg. name, date of birth) via a public key.

The private key is kept on the Nitrokey device only.

The goal is that the same text in different rows but the same column shall have the same encrypted result even though the rows are not inserted at the same time.

Has somebody done this before and can provide hints how to do this?

The goal is to hide sensitive data (eg. personally identifiable information) even if the database clients (which may have the user right to access many or all data in the database) are attacked eg. via a trojan that is trying to steal the decryption password.

The data is in the columns will grow regulary (= inserts every n times/day).

A big challenge may be the performance (the database is data warehouse with over 100 MB of data in each column).

Edit 07/07/2019: Added the text in bold (“goal”)


Public key operations, like encryption, are done on the host, and private (like decryption or signing) via the device. In your case the slowest will be decryption then. Regarding performance, ECC might be faster, than RSA, but still it will be in the range of hundreds of bytes. E.g. RSA2048 achieves 180 bytes per second on OpenPGP v3.3, which is used on Nitrokey Pro and Storage devices; and about 190 bytes on Nitrokey HSM.

One technique is using a symmetric cipher (like AES) to do the actual work, and wrapping up its key into public-private cryptography (RSA/ECC). While this achieves maximum performance, it does not make the full key isolation (as AES key is kept in RAM in clear for a moment). You can generate AES key per record then, which will minimize the access of the adversary to only the currently processed record.

Example project wrapping AES key into RSA:

Edit: corrections; per-record AES key suggestion

We have a couple of benchmarks as well at:

Edit: Here is official Smartcard-HSM performance sheet:

Usually you never use pure public cryptography. Instead in most cases you combine it with symmetric cryptography to prevent any performance issues (hybrid cryptography).

I don’t fully understand your goal. Please rephrase it. If you want to have same clear text to appear as same encrypted data, that’s not increase the privacy but might be desirable in order to reduce storage consumption. For privacy and security reasons you usually apply salting so that encrypted data is always different, even if clear text is identical.