Solved

MySQL Encryption - where to store the key

Posted on 2010-11-21
Last Modified: 2012-05-10
I'm going to be encrypting some fields in my database using AES_ENCRYPT() and AES_DECRYPT(), and connecting to my webpage using SSL.

The point of the exercise is that my application will be hosting some very sensitive user information which nobody else - and that should include me or anyone else who somehow gains administrative access to the server - can read.

I understand the basic concepts of public shared key encryption - but something I don't get is where are you supposed to store the "key" string that AES_ENCRYPT/DECRYPT needs? That seems like the weakest link in the chain, and no matter how strong the encryption is, if the key is easily retrievable it all pretty much counts for nothing.

So how and where am I supposed to store the key for doing the encryption/decryption?
Question by:Frosty555
4 Comments
 
LVL 7

Expert Comment

by:stephen_c01
ID: 34183336
You are correct, storing the key will always be the weakest link. That's why many people use hashes for passwords so there is no way to get them back.

Without knowing your setup, the user or client password can be the encryption key. So when they log on you now have the key to decrypt and only the user knows. It's hard to give other ideas without more information of the who and the what.
0
 
LVL 31

Author Comment

by:Frosty555
ID: 34186272
Hi Stephen,

The easiest analogy to give to the system I'm developing is imagine a password vault system - each user registers for an account and then inputs their passwords / sensitive data into the system for safe keeping.  It's important that the security of the website permits only them to see the info, but equally as important for their own peace of mind that me or anyone in my company can't just go in the back-end and look at it either.

The other question is if you have several users who need access to the same piece of data, can you have multiple "decrypting" keys that work?
0
 
LVL 7

Accepted Solution

by:
stephen_c01 earned 500 total points
ID: 34187468
OK, so I am partially right, you should use their password as the encryption key. But now, how do you handle multiple access?

Something along the lines of:

You generate a random key, say an MD5 hash, that will actually be the encryption key for the user's data. Now you encrypt the MD5 hash with their password. Now, when they change their password you just decrypt and re-encrypt the MD5 hash with the new password and you don't have to re-encrypt all of their data. In this method, to get multiple users access to the same data you just decrypt the MD5 hash, copy it and encrypt it with the other user's password so they now have access to the MD5 hash, which is the true key to the data.

IMO, you would want to layer this. You might want to use a unique MD5 hash for each password in the password vault. So you can share some of the accounts and not all of the accounts.
0
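The scheme from the accepted answer (a random data key wrapped under each user's password), sketched as an added example that is not part of the original thread. It uses Node.js's built-in `crypto` module rather than MySQL's AES_ENCRYPT(), draws the random key from `crypto.randomBytes` instead of an MD5 hash, and derives the wrapping key from the password with scrypt; all function names and sample values are made up for illustration.

```javascript
const crypto = require('crypto');

// AES-256-GCM encrypt; returns iv (12 bytes) || auth tag (16 bytes) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Reverse of seal(); throws if the key is wrong or the blob was modified.
function open(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Wrap the data key under a key derived from the password (scrypt, per-user salt).
function wrapKey(password, dataKey) {
  const salt = crypto.randomBytes(16);
  return { salt, wrapped: seal(crypto.scryptSync(password, salt, 32), dataKey) };
}

function unwrapKey(password, slot) {
  return open(crypto.scryptSync(password, slot.salt, 32), slot.wrapped);
}

// Password change: only the small wrapped key is re-encrypted, not the data.
function changePassword(oldPw, newPw, slot) {
  return wrapKey(newPw, unwrapKey(oldPw, slot));
}

// Constructed walk-through: one record, shared by two users.
function demo() {
  const dataKey = crypto.randomBytes(32); // never stored in the clear
  const record = seal(dataKey, Buffer.from('constructed vault entry'));
  let alice = wrapKey('alice-pw-1', dataKey);
  const bob = wrapKey('bob-pw', unwrapKey('alice-pw-1', alice)); // share the key
  alice = changePassword('alice-pw-1', 'alice-pw-2', alice);     // record untouched
  let oldRejected = false;
  try { unwrapKey('alice-pw-1', alice); } catch (e) { oldRejected = true; }
  return {
    aliceReads: open(unwrapKey('alice-pw-2', alice), record).toString(),
    bobReads: open(unwrapKey('bob-pw', bob), record).toString(),
    oldRejected,
  };
}
```

The server stores only each user's salt and wrapped key plus the encrypted records. Sharing this way needs the recipient's password at the moment the key is wrapped for them.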
 
LVL 31

Author Comment

by:Frosty555
ID: 34211231
I'm still sort of wrapping my head around what you've just said, but I think it makes sense. It also conveniently solves the problem of "isn't it a lot of overhead to reencrypt half the database whenever the user wants to change their password"

Cool, thank you for your help

0
