diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt
index 0256535fde..f0aaf8e59e 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt
@@ -44,6 +44,7 @@ import org.matrix.android.sdk.api.session.permalinks.PermalinkService
 import org.matrix.android.sdk.api.session.securestorage.SharedSecretStorageService
 import org.matrix.android.sdk.api.session.typing.TypingUsersTracker
 import org.matrix.android.sdk.api.util.md5
+import org.matrix.android.sdk.internal.crypto.RustEncryptionConfiguration
 import org.matrix.android.sdk.internal.crypto.secrets.DefaultSharedSecretStorageService
 import org.matrix.android.sdk.internal.crypto.tasks.DefaultRedactEventTask
 import org.matrix.android.sdk.internal.crypto.tasks.RedactEventTask
@@ -189,11 +190,12 @@ internal abstract class SessionModule {
 fun providesRustCryptoFilesDir(
 @SessionFilesDirectory parent: File,
 @CryptoDatabase realmConfiguration: RealmConfiguration,
+ rustEncryptionConfiguration: RustEncryptionConfiguration,
 ): File {
 val target = File(parent, "rustFlavor")
 val file: File
 measureTimeMillis {
- file = MigrateEAtoEROperation().execute(realmConfiguration, target)
+ file = MigrateEAtoEROperation().execute(realmConfiguration, target, rustEncryptionConfiguration.getDatabasePassphrase())
 }.let { duration ->
 Timber.v("Migrating to ER in $duration ms")
 }
diff --git a/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/OlmMachine.kt b/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/OlmMachine.kt
index 974bbfb252..4424bdccdc 100644
--- a/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/OlmMachine.kt
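Review bot: `SessionModule.kt` sits under `src/main`, yet in `providesRustCryptoFilesDir` it now depends on `RustEncryptionConfiguration` and on the three-argument `execute(...)`, both of which this commit defines only under `src/rustCrypto`. If the module still builds any variant without the `rustCrypto` source set, that variant needs matching definitions, so this is worth confirming before merge. The passphrase is also fetched here and again in `OlmMachine`'s `init`, so the migrated store can only be opened if both calls return the same value. A comment on the provider such as `// Must match the passphrase OlmMachine uses to open this store` would make that coupling explicit. The provider's body continues past the end of the hunk.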
+++ b/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/OlmMachine.kt
@@ -130,12 +130,13 @@ internal class OlmMachine @Inject constructor(
 private val ensureUsersKeys: EnsureUsersKeysUseCase,
 private val matrixConfiguration: MatrixConfiguration,
 private val megolmSessionImportManager: MegolmSessionImportManager,
+ private val rustEncryptionConfiguration: RustEncryptionConfiguration,
 ) {
 private val inner: InnerMachine
 init {
- inner = InnerMachine(userId, deviceId, path.toString(), null)
+ inner = InnerMachine(userId, deviceId, path.toString(), rustEncryptionConfiguration.getDatabasePassphrase())
 }
 private val flowCollectors = FlowCollectors()
diff --git a/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/RustEncryptionConfiguration.kt b/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/RustEncryptionConfiguration.kt
new file mode 100644
index 0000000000..f86e76b78e
--- /dev/null
+++ b/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/RustEncryptionConfiguration.kt
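Review bot: The `init` block of `OlmMachine` now always opens `InnerMachine` with a passphrase, but any store written before this change was created with `null` (the removed line). The migration in `MigrateEAtoEROperation` appears to run only when `rustFilesDir` does not yet exist, so such a store would not be rewritten. It is not visible here what the Rust store does when an existing unencrypted database is opened with a passphrase, so the upgrade path from an existing `rustFlavor` directory should be tested. Since the constructor call sits in `init`, a failure there surfaces as an exception while the session graph is being built; either handle it or record the decision with a comment such as `// Stores created before passphrase support were opened with null; see <upgrade handling>`.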
@@ -0,0 +1,35 @@
+/*
+* Copyright 2023 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import org.matrix.android.sdk.api.util.toBase64NoPadding
+import org.matrix.android.sdk.internal.database.RealmKeysUtils
+import org.matrix.android.sdk.internal.di.UserMd5
+import org.matrix.android.sdk.internal.session.SessionScope
+import javax.inject.Inject
+
+@SessionScope
+internal class RustEncryptionConfiguration @Inject constructor(
+ @UserMd5 private val userMd5: String,
+ private val realmKeyUtil: RealmKeysUtils,
+) {
+
+ fun getDatabasePassphrase(): String {
+ // let's reuse the code for realm that creates a random 64 bytes array.
+ return realmKeyUtil.getRealmEncryptionKey("crypto_module_rust_$userMd5").toBase64NoPadding()
+ }
+}
diff --git a/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/session/MigrateEAtoEROperation.kt b/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/session/MigrateEAtoEROperation.kt
index c17022940f..cc667ab925 100644
--- a/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/session/MigrateEAtoEROperation.kt
+++ b/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/session/MigrateEAtoEROperation.kt
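Review bot: `getDatabasePassphrase()` returns the secret that protects the Rust crypto store but has no KDoc, and its inline comment only says where the bytes come from. I would state the contract on the function: `/** Passphrase for the Rust crypto store: unpadded Base64 of the key RealmKeysUtils returns for "crypto_module_rust_<userMd5>". Must stay stable for the lifetime of the store; never log it. */`. Nothing in the hunks shown removes that key name when a session is cleared, so please confirm the existing key cleanup also covers the new `crypto_module_rust_` prefix. As a style point, the header line `* Copyright 2023` lacks the leading space the other comment lines have.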
@@ -25,7 +25,7 @@ import java.io.File
 class MigrateEAtoEROperation {
- fun execute(cryptoRealm: RealmConfiguration, rustFilesDir: File): File {
+ fun execute(cryptoRealm: RealmConfiguration, rustFilesDir: File, passphrase: String?): File {
 // Temporary code for migration
 if (!rustFilesDir.exists()) {
 rustFilesDir.mkdir()
@@ -43,7 +43,7 @@ class MigrateEAtoEROperation {
 Realm.getInstance(cryptoRealm).use { realm ->
 extractMigrationData.extractData(realm) {
- org.matrix.rustcomponents.sdk.crypto.migrate(it, rustFilesDir.path, null, progressListener)
+ org.matrix.rustcomponents.sdk.crypto.migrate(it, rustFilesDir.path, passphrase, progressListener)
 }
 }
 } catch (failure: Throwable) {
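Review bot: `execute(...)` declares `passphrase: String?`, so a caller can still pass `null`, which the second hunk forwards unchanged to `migrate(...)`; judging by the removed `null` argument, that presumably writes the store without a passphrase. The only caller in this commit passes a non-null `String`, so the parameter could be tightened to `passphrase: String`. If `null` must remain legal, document it with a KDoc line such as `@param passphrase passphrase for the migrated store; null keeps the previous behaviour of passing no passphrase`. The body of `execute` and the `catch (failure: Throwable)` block continue outside both hunks, so it is not visible whether a failed migration leaves a partly written `rustFilesDir` behind.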