Stephen Forlance
asked on
mysql Encryption with PHP
Anyone have some good resources and basic tutorials on how to encrypt a mysql database at rest and access it via PHP?
ASKER
Thanks Ray.
I noticed the comment regarding OpenSSL, does that mean I couldnt use it? Just that I saw some notes stating the mcrypt was no longer considered secure
I noticed the comment regarding OpenSSL, does that mean I couldnt use it? Just that I saw some notes stating the mcrypt was no longer considered secure
ASKER
Also, and I suspect this is a problem for any solution, but assuming the encryption is at the application level so only the php scripts have the key, how could it be secured?
Sure, you can use OpenSSL. I just found it hard to research at the time I wrote this teaching example. And whether MCrypt is secure is not really a binary question. Security is like a fire safe. These things are rated on the basis of time and temperature. No protection is absolute and forever. It's just a matter of time before the contents are incinerated. The nature of your attackers, their financial resources, their commitment to the attack, the value of the attack -- these are the kinds of things that come into play when we evaluate security risk.
With regard to encryption at the application level, I don't understand the question. Whether or not the PHP scripts have the key, what's the attack vector you're trying to protect against? If you lose your PHP scripts that contain the passwords or similar credentials, you've got a risk.
FWIW, IT Security is a full-time, four year college major at the University of Maryland (home to OWASP), and the University offers post-graduate studies as well. We can answer questions here at E-E, but we can't begin to cover all the issues and nuance in a deep, wide, and ever-evolving attack surface. OWASP is your friend!
With regard to encryption at the application level, I don't understand the question. Whether or not the PHP scripts have the key, what's the attack vector you're trying to protect against? If you lose your PHP scripts that contain the passwords or similar credentials, you've got a risk.
FWIW, IT Security is a full-time, four year college major at the University of Maryland (home to OWASP), and the University offers post-graduate studies as well. We can answer questions here at E-E, but we can't begin to cover all the issues and nuance in a deep, wide, and ever-evolving attack surface. OWASP is your friend!
ASKER
Hi Ray,
Im just thinking of a last line of defence, is the database was compromised and the content stolen, preventing its easy use,
Thanks,
Im just thinking of a last line of defence, is the database was compromised and the content stolen, preventing its easy use,
Thanks,
I think almost any encryption will prevent easy use. The definition of easy may be a moving target, and will depend on the sophistication of the attackers and their perceived value of the data. I would not put much effort into stealing a database of bowling scores, but if I could get a large volume of detailed financial information, it might be worth trying some things that were not easy.
If you want to go with OpenSSL, it looks like the PHP docs are much better now. Here's the anchor link.
http://php.net/manual/en/book.openssl.php
I've never done it, but if you wanted to protect the keys or other security-related secrets, you might omit this information from the PHP scripts and instead ask the client to enter this information at run time, through HTML/PHP form input controls. Some of the literature suggests putting the keys into a file on the file system, outside of the www-root tree. At run time you can read them into a variable with file_get_contents(), and you can use the variable in your PHP scripts to provide the keys. Since the file with the keys is outside of the web site, it cannot be discovered by "accidental" browsing. And even if someone knew its name, they could not use an HTTP request to get the server to disclose the contents.
If you want to go with OpenSSL, it looks like the PHP docs are much better now. Here's the anchor link.
http://php.net/manual/en/book.openssl.php
I've never done it, but if you wanted to protect the keys or other security-related secrets, you might omit this information from the PHP scripts and instead ask the client to enter this information at run time, through HTML/PHP form input controls. Some of the literature suggests putting the keys into a file on the file system, outside of the www-root tree. At run time you can read them into a variable with file_get_contents(), and you can use the variable in your PHP scripts to provide the keys. Since the file with the keys is outside of the web site, it cannot be discovered by "accidental" browsing. And even if someone knew its name, they could not use an HTTP request to get the server to disclose the contents.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here's a link to the article. Please let me know your thoughts and questions, thanks.
https://www.experts-exchange.com/articles/28835/Keeping-Secrets-with-PHP.html
https://www.experts-exchange.com/articles/28835/Keeping-Secrets-with-PHP.html
https://www.experts-exchange.com/articles/28768/Password-Hashing-in-PHP.html
If you want to encrypt for secure communications, you can use HTTPS to transport the information.
Ir you want to encrypt the information in the tables, you can use something like this.
Open in new window