2

Please help me with the following task: We need to store all data in MySQL (important) encrypted (mostly int, float, double) so no one could read the raw data in the MySQL in case of hacking.

Project is built on PHP + MySQL (Yii framework)

Please advice any solution, preferably free one :)

Thanks!

Improve this question
1
  • 1
    ...thereby eliminating any chance of indexing... Commented Feb 22, 2015 at 12:59

1 Answer 1

Reset to default
2

You have to hard work about indexes, because encrypted data cannot be indexed so searching that row will not be easy.

I recommend Aes :

AES_ENCRYPT() and AES_DECRYPT() can be considered the most cryptographically secure encryption functions currently available in MySQL.

INSERT into user (first_name, address) VALUES (AES_ENCRYPT('Person', 'myword'),AES_ENCRYPT('Person', 'myword'));

SELECT AES_DECRYPT(first_name, 'myword'), AES_DECRYPT(address, 'myword') from user;

Aes Encrypt Explanation:

http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-encrypt

Aes Decrypt Explanation:

http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-decrypt

All Mysql Encryption and Compression Functions : http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html

This article is best about Mysql Database Security:

http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

if the key (like myword) has to be used so often in pages, will that be security concern itself ?
This is just basic example @WhirlMind. Actually there is no 'myword' in the real code. You can use hashed key like md5 or better one.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.