Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Best way of encrypting text to store in mysql database

Tags:

database

php

mysql

encryption

I want to know the best way of storing text in a database and encrypting it so as to prevent others (admin) from reading it. I'm allowing users to write (up-to) paragraphs of plain text and then storing in a database. This text is then displayed back to the user in their account. This means that I will have to be able to decrypt the data once i've encrypt it and stored it in the database. (I have created the project using PHP)

Thanks

like image 280
Kerron Avatar asked Apr 01 '11 13:04

Kerron

People also ask

How do I encrypt a string in MySQL?

The MySQL AES_ENCRYPT function is used for encrypting a string using Advanced Encryption Standard (AES) algorithm. The MySQL AES_ENCRYPT function encodes the data with 128 bits key length but it can be extended up to 256 bits key length. It encrypts a string and returns a binary string.

Can we encrypt data in MySQL?

To enable encryption for the mysql system tablespace, specify the tablespace name and the ENCRYPTION option in an ALTER TABLESPACE statement. mysql> ALTER TABLESPACE mysql ENCRYPTION = 'Y'; To disable encryption for the mysql system tablespace, set ENCRYPTION = 'N' using an ALTER TABLESPACE statement.

What encryption is used in MySQL?

MySQL Enterprise Transparent Data Encryption (TDE) protects your critical data by enabling data-at-rest encryption in the database. It protects the privacy of your information, prevents data breaches and helps meet regulatory requirements including: Payment Card Industry Data Security Standard (PCI DSS)

Should you encrypt data before storing in database?

Encrypting an entire database should be done with caution since it can result in a serious performance impact. It is therefore wise to encrypt only individual fields or tables. Encrypting data-at-rest protects the data from physical theft of hard drives or unauthorized file storage access.

1 Answers

AES_ENCRYPT and AES_DECRYPT are easy ways to encrypt/decrypt strings without writing the code yourself, available in MySql 5 upwards.

Be aware that the output of AES_ENCRYPT is a binary string, which needs to be stored in columns of a binary data type (most likely the appropriate one would be BLOB) instead of text types such as TEXT or VARCHAR that you would normally use for text data.

The problem is that you are going to have to store the encryption key somewhere, and you somehow have to keep the admin from accessing it. I don't know if that will be possible (admin of what exactly?)

like image 69
Jon Avatar answered Sep 28 '22 23:09

Jon
Sign in to Comment

Related questions

How to prevent a session
Fixing street names with regex
cURL/PHP Request Executes 50% of the Time
Using a diff on a document containing HTML
Where is a small, simple CMS that has no Front End done in PHP?
Pure PHP torrent client? [closed]
TLS with php server socket
Netbeans OutOfMemoryError: Java heap space, code formatting
How to preserve styles of embedded widget?
SSI parser written in PHP?
Is it better to call function in a nested way or to split each passage inside a var?
How to use Facebook graph API to retrieve fan photos uploaded to wall of fan page?
passing data from html to php
Optimal way to implement post read flags in forums?
Website with optimal cache control
PHP UTF8 mail gets garbled on iPhone mail app
How to calculate the memory needed for processing an image?
Ubuntu PHP5/Apache2 - Displaying 500 error instead of error message
Xpath fails if an element has a a xmlns attribute [duplicate]
IIS subfolder in different website

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!