Best way to work with encrypted data in database
Best way to work with encrypted data in database
maiden
Posts: 16Questions: 6Answers: 0
Hi,
I'm working on a project where some userdata has to be stored encrypted in the database. In some other projects I used MySQLs AES_ENCRYPT/DECRYPT with SHA2(),512 to write the data from a web form to the database. This always worked fine. On the new project I'm using DT Editor to let a defined group of users write data to the database. I managed to decrypt the data from the DB and show it in the DT, but after searching and reading through many forum posts etc. I realised that it's not possible to write data AES-Encrypted to the DB using DT. So my question is:
what is the best way to work with encrypted data stored in MySQL/Maria-DB with DT?
Encrypt the data using PHP and writing it to the database without MySQL-encrypt funcions?
Or did I miss something? Any better way?
Thanks for any recommendations,
Martin
This question has an accepted answers - jump to answer
Answers
According to this thread
https://datatables.net/forums/discussion/15606
you would use DT Editor's PHP formatters.
thank you;
the essential sentence in that post seems to be
Note that these are executed in PHP-world. There is currently no method in the Editor PHP libraries to use SQL functions.
So I need to rethink my security concept
When the key of encryption is not known by final user, the responsability to decrypt is of the server, well, so DT will get data already decrypted by your server. When your end point receives the requests, in this moment the server will work with encrypt/decrypt, this can be done by MySQLs AES_ENCRYPT.
This must be one application at least in 3 Tiers. If you access database directly from your client (2 tiers) the database can be hacked. There are some options to do programs inside MySQL but I think is out of escope here.