Sign in to follow this  

[web] Data encryption of database contents

This topic is 3338 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hi, I'm currently in the midst of developing a rather large project on my own, and I require a bit of help. I have already designed the overall database in terms of what tables are required including their contents (I have a nice layout presented on A3). I am not to clued up on data encryption, so a bit of help would be much appreciated. I'm looking to develop a SECURE solution to my problem. Currently, I have a username/password combination stored in a database. As would be expected, the user's password is hashed with a salt using whirlpool. The database also holds additional customer information including the user's address and other contact information. What is the best method of keeping the data safe? I have thought of using the each user's password as a symmetric key to encrypt the address and so on. Unfortunately, if I would like to view a user's contact information, I will require their password - a piece of information I don't want to store in plaintext. Is their a viable technique which will allow an administrator to view the encrypted contact information of each user in a safe manner? How would you do it? Your suggestions would be much appreciated... GCS584

Share this post


Link to post
Share on other sites
It might be simpler to restrict access to the database, rather than encrypting the contents.

However, there are encryption methods that can be set up to use multiple keys (i.e. can be decrypted either by the user's key or the administrator's key). I am unfortunately not aware of specifics, apart from having done this with GnuPG (sign a file with multiple keys).

Share this post


Link to post
Share on other sites
Hi Swiftcoder,

Thanks for your response.

I don't like the thought of relying on restricting database access. Because I utilize open-source software, I'm afraid of a gaping software flaw that allows easy circumvention of any database security (not to say that I wouldn't have this problem with a closed-source solution).

GCS584

Share this post


Link to post
Share on other sites
Quote:
Original post by gcs584
I don't like the thought of relying on restricting database access. Because I utilize open-source software, I'm afraid of a gaping software flaw that allows easy circumvention of any database security (not to say that I wouldn't have this problem with a closed-source solution).
TBH, I would be feel much more confident about open-source than closed-source, but that might just be me ;)

Anyway, I think the encryption is a good goal, but is it really necessary that the administrator be able to read the info? I would suggest considering a simple scheme, whereby the user's name and email are stored in plain text (for contact purposes), and everything else is encrypted with the users key. This allows you to contact the user if necessary, and to guarantee that the rest of their data is not used without the express permission of the user, thereby avoiding any possible responsibility for that data (such as if someone hacks your database, or a court orders you to release data, ...).

Share this post


Link to post
Share on other sites
I leave "regular data" in plain text: name, address, phone number, etc. I two-way encrypt more sensitive details like drivers license number and social security last-4's, and one-way encrypt passwords.

And in the wise words of Mr. Miyagi (Karate Kid), "Best block, no be there." Don't store any sensitive info at all if it's not really needed (like credit card info).

Share this post


Link to post
Share on other sites

This topic is 3338 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this