
Strategies for Encryption with Django + Postgres?

I'm going to be storing a few sensitive pieces of information (SSN, Bank Accounts, etc) so they'll obviously need to be encrypted. What strategies do you recommend?

Should I do all the encryption/decryption in the web app itself? Should I use something like pgcrypto and have the conversions done on the DB side? Something else entirely?

Also, if you think I should do encryption on the web app side, what Python libraries would you recommend?

asked Sep 03 '10 13:09

Adam Levy



2 Answers

You can also check django-pgcrypto: https://github.com/dcwatson/django-pgcrypto

answered Oct 22 '22 14:10

Ignacio Pérez
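
For the DB-side option raised in the question, here is an added example (not from the posts above and not django-pgcrypto's own code) that uses pgcrypto's functions directly. The table, column names, sample SSN and both key strings are constructed placeholders, and the HMAC lookup column goes one step beyond the question: `pgp_sym_encrypt` output is randomized, so the ciphertext itself cannot be used for equality searches.

```sql
-- Added example: column-level encryption performed inside PostgreSQL by pgcrypto.
-- Names, the sample SSN and both keys are constructed placeholders.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE customer (
    id         bigserial PRIMARY KEY,
    name       text  NOT NULL,
    ssn_enc    bytea NOT NULL,  -- OpenPGP message from pgp_sym_encrypt()
    ssn_lookup bytea NOT NULL   -- keyed HMAC of the SSN, for exact-match search
);
CREATE INDEX customer_ssn_lookup_idx ON customer (ssn_lookup);

-- Write path: $2 = plaintext SSN, $3 = encryption key, $4 = separate HMAC key.
-- Two different keys, so the lookup key alone cannot decrypt anything.
PREPARE add_customer(text, text, text, text) AS
INSERT INTO customer (name, ssn_enc, ssn_lookup)
VALUES ($1,
        pgp_sym_encrypt($2, $3, 'cipher-algo=aes256'),
        hmac($2, $4, 'sha256'));

EXECUTE add_customer('Test Person', '000-00-0000',
                     'ENC-KEY-PLACEHOLDER', 'HMAC-KEY-PLACEHOLDER');

-- Read path: find the row by HMAC, then decrypt only the matched row.
-- $1 = SSN searched for, $2 = encryption key, $3 = HMAC key.
PREPARE find_by_ssn(text, text, text) AS
SELECT id, name, pgp_sym_decrypt(ssn_enc, $2) AS ssn
FROM customer
WHERE ssn_lookup = hmac($1, $3, 'sha256');

EXECUTE find_by_ssn('000-00-0000',
                    'ENC-KEY-PLACEHOLDER', 'HMAC-KEY-PLACEHOLDER');

-- Trade-off against encrypting in the web app:
-- pgcrypto runs inside the database server, so the plaintext and both keys
-- travel from the application to the server in every call. The connection
-- needs TLS, and statement logging can capture keys passed as SQL literals
-- (as in the EXECUTE lines above); an application driver should send them
-- as bind parameters instead.
```

With application-side encryption the database only ever receives `ssn_enc` and `ssn_lookup` as opaque bytes, which is the main difference to weigh when choosing between the two strategies.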


I agree that first you need to consider your overall security model and what threat avenues might be the most risk, a la this article:

https://security.stackexchange.com/questions/16939/is-it-generally-a-bad-idea-to-encrypt-database-fields

but also take a look at these for encrypted fields in Django:

encrypted fields: https://github.com/svetlyak40wt/django-fields

more encrypted fields:

https://github.com/defrex/django-encrypted-fields, https://github.com/django-extensions/django-extensions

answered Oct 22 '22 13:10

Dave Parizek