1

I would like to create a web application using PostgreSQL as a database. I want to have the database encrypted, so that even an attacker that has root access to the database server can't decrypt the data (or at least he would have to mess around with temporary in-memory data which is hard). I don't care about the schema, only about the content of the tables.

I also don't want to store the decryption key somewhere on the application server (neither in a config file, nor hardcoded).

Instead, my idea was to encrypt the whole database (or just tables and rows?) using a key that is provided by the user over the web application and that decrypts at runtime.

Is this scenario possible with PostgreSQL and which options do I have implement this?

Side note: It's a .NET based application (ASP.NET MVC3) and I'm using the Npsql driver.

Improve this question
2
  • So, you will have «the one» user with a secret key? Or any user should be able to provide the key? Commented May 8, 2012 at 18:16
  • Yes, it is ok to have the one user with one single key. Commented May 8, 2012 at 18:24

1 Answer 1

Reset to default
1

Use pgcrypto for encryption. But, a superuser can control the log files and tell the database to log everything, every query. And that will include the queries including your passwords.

You might want to use SELinux and SEPostgreSQL.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.