I am working on an application dealing with customer details, which we want to store in our DB encrypted. Which one is preferable Argon2
Argon2 is a hashing algorithm; it can be used to store passwords in a database in a more or less secure way. See the OWASP guide to storing passwords.
An HSM is hardware dedicated to key storage - if you have access to an HSM, you should use it to store your encryption keys, certificate keys and so on.
While you may use an HSM to store a password encrypted with a reversible encryption algorithm (i.e. AES, SALSA), it would perform a similar role to password storage software, like KeePass.
If you just need to store a password in order to authenticate users, you need to keep a salt and a hash of the salted password. A hashing function by definition always gives you the same result for the same data. When a user account is created, you generate a salt, add it to the password, and hash the result. Then you save the hash and the salt. When the user tries to authenticate, add the stored salt to the password, hash the result, and check if its value is equal to the value of the hash in your database.
On the other hand, if you are making a password vault of some kind, you need to be able to decrypt the stored data. An HSM may be useful for that.