Implement a low level interface under MyISAM tables so that all data and indexes are encrypted. Points to consider ---------------------------- - encrypting only tables is "nothing" if the logs are not encrypted. Since 5.1 some logs (General log, Slow query log at least) can be stored in MyISAM tables instead of plain text files, so this is ok. But the binary log remains: it contains all updates in clear text: this must be addressed (by storing the binary log into a MyISAM table? - it would then greatly influence WL#2582 "handler interface to binlog"). There are also other files which would reveal important data: temporary files created on slave when replicating LOAD DATA INFILE. (comment made by Guilhem) - it _might_ be that an encryption implementation would require the file to have a structure in pages; but MyISAM stores rows contiguously in the data file. Maria will however have pages, so it _might_ be easier to implement in Maria than in MyISAM (comment made by Guilhem).