The Encryption Scheme

The secure deletion of existing encryption key data is accomplished through the deletion of the row of data containing the current passphrase and ID from the security database. After the row is deleted, a new row is inserted into the table along with the new passphrase data and an incremental ID. The process of key rotation runs in the background so that it does not require the system to be down during the key rotation process.