
Is there any way to encrypt my data without doing it manually? I do not want to update my data to the encrypted data every time. I thought about triggers, but triggers cannot work on the same table. I want an encrypted insert or update to happen in my database after any insert or update, instead of a normal insert or update. Any suggestion would be appreciated. I prefer this to happen in the database, not in PHP.

Encrypted insert code:

insert into usersExample3(username,password,salt)
values('bestTom2',aes_encrypt(concat('password1234','salt12345'),'key1234'),'salt12345');
  • What's your threat model? What encryption requirements do you have? As a note, this is the weakest possible way of doing it as anyone with access to your server will be able to pull the general query log and in so doing get all the information they need to unlock the data. – tadman Sep 12 '18 at 17:51
  • @tadman In fact, if you're not careful the encryption key may be leaked in user-visible error messages. –  Sep 12 '18 at 18:00
  • @duskwuff You are right, the key might be leaked somewhere, and I will make sure it will not leak in user-visible messages. –  Sep 12 '18 at 18:09
  • @tadman, I am sorry for asking this since I am new. Can you explain how they are able to pull the general query log? And can you help me prevent this from happening? I will create indexes and views so no one else except me has access to the main database. –  Sep 12 '18 at 18:11
  • If you've got security concerns, that's understandable, but asking here is not going to get you the answers you need. It'd be best to hire a consultant with the appropriate certifications to make recommendations. If you do this wrong you make things way worse and expose yourself to more risk. Be careful. – tadman Sep 12 '18 at 18:30
  • OK, any documentation will help. I noticed that pulling the general query log in MySQL just shows the recent queries, not all. –  Sep 12 '18 at 19:05
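
The exposure tadman's comment describes, as an added example that is not part of the original thread: a Python check that scans general-query-log lines for AES_ENCRYPT/AES_DECRYPT calls whose key argument is a quoted literal. The log lines are constructed around the question's query, and the names `split_args` and `literal_key_lines` are hypothetical.

```python
import re

# Start of an AES_ENCRYPT( / AES_DECRYPT( call, case-insensitive.
CALL = re.compile(r"\b(aes_(?:en|de)crypt)\s*\(", re.IGNORECASE)

# Constructed sample lines in the rough shape of a MySQL general query log.
SAMPLE_LOG = [
    "2018-09-12T17:40:01.000000Z\t   12 Query\tinsert into usersExample3(username,password,salt) values('bestTom2',aes_encrypt(concat('password1234','salt12345'),'key1234'),'salt12345')",
    "2018-09-12T17:40:02.000000Z\t   12 Query\tselect username from usersExample3 where username='bestTom2'",
    "2018-09-12T17:40:03.000000Z\t   13 Query\tSELECT AES_DECRYPT(password, 'key1234') FROM usersExample3",
    "2018-09-12T17:40:04.000000Z\t   14 Query\tSELECT AES_DECRYPT(password, @k) FROM usersExample3",
]

def split_args(sql, start):
    """Split the call arguments starting just after '(' at index start."""
    args, buf, depth, quote = [], [], 0, None
    i = start
    while i < len(sql):
        ch = sql[i]
        if quote:                        # inside a string literal
            buf.append(ch)
            if ch == "\\" and i + 1 < len(sql):
                i += 1                   # keep the escaped character as-is
                buf.append(sql[i])
            elif ch == quote:
                quote = None
        elif ch == ")" and depth == 0:   # end of the call itself
            return args + ["".join(buf).strip()]
        elif ch == "," and depth == 0:   # top-level argument separator
            args.append("".join(buf).strip())
            buf = []
        else:
            if ch in "'\"":
                quote = ch
            depth += (ch == "(") - (ch == ")")   # nested calls such as concat(...)
            buf.append(ch)
        i += 1
    return []  # unterminated call, e.g. a truncated log line

def literal_key_lines(log_lines):
    """Return (line_number, function) per call with a quoted-literal key; the key is not echoed."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for m in CALL.finditer(line):
            args = split_args(line, m.end())
            if len(args) >= 2 and args[1][:1] in ("'", '"'):
                hits.append((n, m.group(1).lower()))
    return hits
```

This check only covers keys written literally inside the call; the fourth sample line passes the key as a session variable and is not reported.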

0 Answers