-1

Im in a project that we need to build an app to store sensitive information in a mysql db. I want to have a key reused in the app because we need to encrypt inputed data and decrypt later to show the information.

I'm studying libsodium, but I have a question... They recommend to dont reuse the key and nouce, if we follow this, we won't be able to decryt later!

Can someone instruct me how to deal with this?

We will build a method to erase / change key on a possible breach!

hhelderneves
  • 925
  • 8
  • 24
  • If you need to keep creating new keys, you could maybe store the older keys with a time stamp and when decrypting the rows, get the corresponding key by the date. – Phiter Sep 11 '18 at 18:48
  • 3
    You're asking good questions here, but the sort of questions you're asking indicates you're in way over your head here if this is for a project involving real-world data that *must* be secured. I'd strongly advise you hire a consultant with experience and certifications to recommend a strategy if that's the case. – tadman Sep 11 '18 at 19:34
  • An option that may work for you and wouldn't require as much knowledge of encryption libraries is to use a database as a service offering that provides transparent encryption at rest. Amazon's Aurora is an option that is MySQL compliant and the encryption key is managed via AWS key management service. https://aws.amazon.com/about-aws/whats-new/2015/12/amazon-aurora-now-supports-encryption-at-rest/ – Brady Emerson Sep 11 '18 at 20:07
  • @tadman thanks, but um still figuring out why there are thumbs down - _- – hhelderneves Sep 11 '18 at 20:40
  • It's because this question is too broad and is really off-topic here, that's all. A good question has code and something we can help fix. This is sort of philosophical in nature and we really can't do anything. – tadman Sep 12 '18 at 17:00

1 Answers1

0

This is really a broad question. It really depends on what info you are saving and how sensitive it is. This link describes encryption types and usage.

https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html

One example is using AES_ENCRYPT and AES_DECRYPT.

Here is a Quick example of AES_ENCRYPT and AES_DECRYPT MySql functions.

  1. Set you database table to a Binary Type I use BLOB.

  2. Second create a key to work with.

  3. Insert into db encrypted.

  4. Select decrypted data from the database.

This will Generate a Random string.

function randomString($length) {//This is a function to create a random String.
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$string = '';    
for ($p = 0; $p < $length; $p++) {
$string .= $characters[mt_rand(0, strlen($characters)-1)];}
return $string;}
$ourKey = randimString(16);//get our String in a Varable($ourKey).

Use the AES_ENCRYPT MySQL function on your Insert.

$ourInsert = "INSERT INTO MY_TABLE(FIRST_NAME, OUR_KEY)VALUES(AES_ENCRYPT(FIRST_NAME,'".$ourKey."'), ".$ourKey.")";

Use the AES_DECRYPT MySQL function to decrypt it.

$ourSelect = "SELECT AES_DECRYPT(FIRST_NAME, OUR_KEY) AS FIRST_NAME";

For passwords and more sensitive data use PHP's password_hash() function. You db table needs to be at least 75 CHARS for this. Here is a link that Explains in more detail.

http://www.php.net/manual/en/function.password-hash.php

Note that you cannot decrypt password_hash only match against other data.

Example of how to use password_hash to hash the password and insert it into the db.

$hashedPassWord = password_hash(users password, PASSWORD_BCRYPT, array("cost" => 17));
$insertPass = "INSERT INTO MY_TABLE(PASSWORD)VALUES(".$hashedPassWord.")";

and to check against the hashed password select the password from db and use password verify to match it against the hashed password. 

if (password_verify(users_input, db_password_hash)) {/*do something*/}

Note this just covers the very basics. There are other things you need to do like using prepared statements with PHP and escaping strings. I just touched a bit on encryption to get you started.

Jonny
  • 1,319
  • 1
  • 14
  • 26
  • AES isnt decrapted, aswell bcrypt? I read somewhere that even security advisors Say to dont use openssl... The data is really sensitive, basically to store lawyer processes information, messenges from clients etc.. – hhelderneves Sep 11 '18 at 21:05