Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Storing sensitive data in database, recommendation

Tags:

python

security

database

passwords

postgresql

I'm searching for best solution to store sensitive data in database. I know that this is common problem and i have done my homework (at least this is what i think), but i wanted to ask here before i will make a decision.

Assumptions:

  • Encrypted data needs to be decrypted. We are talking about SMTP credentials like username, password, host, port itp.

I was thinking about 2 concepts:

  1. Encrypt data with help of passlib.totp library. To make those data a bit safer i will keep key in separate file. Then from what i can see i can use this library to decrypt data to plain text using my key.

  2. The other concept was to encrypt and decrypt data during query request with help of postgres:

    insert into demo(pw) values ( encrypt( 'data', 'key', 'aes') );

    And:

    decrypt(pw, 'key', 'aes'), 'utf-8')

    Here the key will be stored also in separate file.

So my questions are:

  1. What is better approach to encrypt / decrypt data, in code or in database?
  2. Are there any better (stronger) libraries to use than passlib.totp -> i have no experience with that library (i'm aware that encryption / decryption is not the moste secure way of storing password -> password supposed to be hased but i need it in plain text to use users smtp gate).
like image 439
szikael Avatar asked Nov 08 '22 20:11

szikael

1 Answers

2) The other concept was to encrypt and decrypt data during query request with help of postgres: insert into demo(pw) values ( encrypt( 'data', 'key', 'aes') ); and decrypt(pw, 'key', 'aes'), 'utf-8') Here the key will be stored also in separate file.

I wouldn't recommend that, because it's way too easy for the keys to get exposed in pg_stat_activity, the logs, etc. PostgreSQL doesn't have log masking features that would protect against that.

I strongly advise you to use app-side crypto. Use a crypto offload device if security is crucial, so key extraction isn't possible for most attackers. Or require the key to be unlocked by the admin entering a passphrase at app start, so the key is never stored unencrypted on disk - then the attacker has to steal it from memory. But even an unencrypted key file somewhere non-obvious is better than in-db crypto, IMO, since it at least separates the key from the data.

like image 167
Craig Ringer Avatar answered Nov 15 '22 05:11

Craig Ringer
Sign in to Comment

Related questions

How to capture screen on Wayland(Gnome) in Python code?
How to predict desired class using Naive Bayes in Text Classification
How to improve the speed of xlwings UDFs in Excel?
No module named openpyxl - Python 3.6 - OSX
Serving flask application with Nginx and gunicorn: permission denied when connecting to webpage.sock
How can I follow the cell currently being run in a Jupyter notebook?
Dynamic progress bar based on progress of script?
Customise the virtualenv `activate` script
Upload a Pandas DataFrame as Excel file directly to Google Drive using PyDrive
Optimal pythonic way to achieve result output
How to cross compile Python packages with PIP?
Celery 4.0.2 AsyncResult.then not working
Custom post install script not running with pip
Flask-sqlalchemy unique contraint not working
python odo sql AssertionError: datashape must be Record type, got 0 * {...}
Scrape Telegram channel for changes
Hierarchical clustering on sparse observation matrix
Powershell and Python - How to run a command as admin
What values when passed as a parameter to a function will cause default values to be used?
cannot import name '_endpoint_from_view_func' from 'flask.helpers' in python

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!