0

Encrypting data

Having just finished adding attr_encrypted to some models, I've come to think that a hackers job might not be that hard.

I've got a database on a different server to the app servers - however, chances are that if someone managed to get on to the db server, that person could also access the app server where the keys are stored (perhaps that assumption is incorrect) as they have the same type of security measures.

Issue 

Rails code is stored in a readable text format on the server, therefore the secret keys can be accessed. Surely if someone did get a hold of the database, and a hold of those keys the entire encryption of data becomes irrelevant as it simply (slightly) prolongs the hackers time to decrypt information.

If so, are there further security measure that can be taken, or have I completely missed the concept of encryption?

I've had a look around the attr_encrypted gem and associated readme and questions but could not find anything useful.

Community
  • 1
  • 1
cb24
  • 577
  • 5
  • 7

2 Answers2

0

attr_encrypted protects your data from simple data leaks. Think NSA sniffing an inter-DC cable (where your db replication logs will be sent over) or disgruntled DBA (not having access to app source) dumping all your data into the internets.

If it is actual breach, intruders might not get access to both app code and database (depends on your architecture and security measures). If they have both, then yes, it's game over.

All in all, it's better to have it [for sensitive data] than not to have. Doesn't hurt, I'd say.

Anastasiia Tulentseva
  • 33
  • 4
0

Don't put the keys in the app server and don't check them in to the git repository.

Instead, use environment variables. You can have different approaches for dev and production.

Very easy to do on Heroku (for example).

I have an encryption concern:

# app/models/concerns/encryption.rb

module Encryption

  extend ActiveSupport::Concern

  module ClassMethods
    def encryption_key
      ENV['ENCRYPT_KEY']
    end
  end

end

In the model, I do this

class User < ActiveRecord::Base

  include Encryption
  attr_encrypted :name, :key => encryption_key

end

In development, I use a .env file to store keys and retrieve with foreman.

Mark Swardstrom
  • 17,217
  • 6
  • 62
  • 70
  • Hi @swards, thanks for helping with that. It's encouraged me to move them out of the repo (although I'll have to swap all the keys as their are of course versioned since the start...) Sorry for the naïvety, but what happens if the server is wiped and your local secure copy disappears (laptop theft, data corruption etc). How would you back up these keys if not in a repo, but still accessible to certain devs? – cb24 Oct 23 '15 at 09:19