How To Securely Store Data In MySQL Using AES_ENCRYPT
Posted by Justin on Stack Overflow
Published on 2011-01-14T23:40:08Z
Indexed on 2011/01/14 23:53 UTC
We are storing sensitive data in MySQL, and I want to use AES_ENCRYPT(data, 'my-secret-key-here'), which works great. My biggest question is: how do I secure the key? Previously I was just storing the key in a web PHP file, so something like:
define("ENCRYPTION_KEY", 'my-secret-key-here');
This really doesn't work though, as our MySQL server and web server are the same physical machine, so if somebody gains access to the server, they can get both the encrypted data stored in MySQL and the key.
Any ideas? I am thinking I need to move the key to a separate server, and read it in remotely. Or, what about generating the encryption key dynamically for each piece of data? For example, taking the customer_id and running md5 on it, and then using that as the key.
© Stack Overflow or respective owner
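An added example, not part of the original post: it compares the md5(customer_id) key idea from the question with a per-row key derived by HMAC from a master secret that is not stored on the database host. The environment variable name APP_MASTER_KEY, the function names, and the table and column names in the final comment are assumptions made for illustration.

```php
<?php
// Key idea from the question: the key depends only on customer_id,
// a value stored in the same table as the ciphertext.
function md5_row_key(int $customerId): string {
    return md5((string)$customerId);
}

// Keyed alternative: HMAC-SHA256 over the customer_id with a master secret.
// Returns 32 raw bytes; each customer_id gets a different key.
function hmac_row_key(string $masterKey, int $customerId): string {
    return hash_hmac('sha256', 'row-key:' . $customerId, $masterKey, true);
}

// Assumption: the master key is injected at runtime (hypothetical variable
// name), for example fetched from the separate server the question mentions,
// and is never written into the web root or the database.
function load_master_key(): string {
    $hex = getenv('APP_MASTER_KEY');
    if ($hex === false || strlen($hex) !== 64 || !ctype_xdigit($hex)) {
        throw new RuntimeException('APP_MASTER_KEY must be 64 hex characters');
    }
    return hex2bin($hex);
}

// Constructed sample: what a copy of the database alone contains.
$dumpRow = ['customer_id' => 1042];

// md5 scheme: the key is recomputed from the dump with no other input.
$appKey   = md5_row_key(1042);
$fromDump = md5((string)$dumpRow['customer_id']);
var_dump(hash_equals($appKey, $fromDump));

// Keyed scheme: the same customer_id under a different master key gives a
// different row key, so the dump alone does not determine it.
putenv('APP_MASTER_KEY=' . bin2hex(random_bytes(32))); // constructed demo key
$master = load_master_key();
$rowKey = hmac_row_key($master, $dumpRow['customer_id']);
$guess  = hmac_row_key(random_bytes(32), $dumpRow['customer_id']);
var_dump(hash_equals($rowKey, $guess));

// Rows do not share a key either.
var_dump(hash_equals($rowKey, hmac_row_key($master, 1043)));

// The derived key would be passed to MySQL as a bound parameter, e.g.
// (hypothetical table and columns):
//   INSERT INTO customers (customer_id, ssn_enc) VALUES (?, AES_ENCRYPT(?, ?))
```

The keyed derivation only helps if the master key stays off the machine that holds the data; when it is readable on the same host, the situation is the same as the define() constant in the question.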