International Journal of Open Information Technologies

This paper introduces a software library that enables transparent, application-level encryption and decryption of sensitive data fields while remaining fully compliant with Russian cryptographic regulations. The solution targets growing information-security requirements for personal-data protection and aligns with domestic legislation governing cryptographic safeguards. We survey current techniques for encrypting database fields—from DBMS-native mechanisms to object–relational mapping (ORM) extensions—and identify their limitations in the context of Russian GOST standards. The proposed library acts as a lightweight wrapper around Spring Data JPA (with optional direct Hibernate integration). Data members marked with a custom annotation are automatically encrypted on persistence and decrypted on retrieval, without altering business logic. The architecture leverages JPA attribute converters and event listeners to intercept serialization and deserialization, integrates seamlessly into the Spring Data lifecycle, and incorporates flexible key-management facilities.Particular attention is paid to GOST 28147-89 and GOST R 34.12-2015 (“Magma” and “Kuznechik”) block-cipher algorithms, their operating modes, and suitability for database-encryption workloads. We also discuss the use of certified cryptographic providers such as CryptoPro CSP to satisfy regulator requirements. A comparative analysis with existing solutions highlights the advantages and scientific novelty of the proposed approach, demonstrating its ability to deliver fine-grained, standards-compliant security with minimal impact on developer productivity or system performance.

Popov R.S., Lyalikova V.G. Encryption of Information in Databases. Vestnik Nauki, 2022.

Information Security of Personal Data. Integrus, Moscow, 2019.

CryptoPro. Documentation for CryptoPro JCP, Version 5.0. Moscow, 2023.

Chourasia D. Encryption and Decryption of Data at Blazing Speed Using Spring Data JPA. Medium.com, 2022.

Sultanov D.R. Database Column-Level Encryption with Spring Data JPA. Blog, 2019.

Kuznyechik (cipher). Wikipedia – The Free Encyclopedia. Available at: https://ru.wikipedia.org/wiki/Кузнечик_(шифр)

GOST 28147-89. Wikipedia – The Free Encyclopedia. Available at: https://ru.wikipedia.org/wiki/ГОСТ_28147-89

Taxcom. Transition to GOST 34.12-2018 in Electronic Document Management. Taxcom, 2024.