Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Two-key encryption/decryption?

Tags:

php

mysql

cryptography

encryption

I'm looking to store some fairly sensitive data using PHP and MySQL and will be using some form of reversible encryption to do so since I need to get the data back out in plain text for it to be of any use.

I'll be deriving the encryption key from the users' username/password combination but I'm stumped for what to do in the (inevitable) event of a password being forgotten. I realise that the purpose of encryption is that it can only be undone using the correct key but this must have been addressed before..

I'm trying to get my head around whether or not public key cryptography would apply to the problem but all I can think of is that the private key will still need to be correct to decrypt the data..

Any ideas?

like image 688
Matthew Avatar asked Dec 20 '10 22:12

Matthew

2 Answers

It's not clear what you are striving for, so advice on how to implement it is hard.

Standards like PGP and S/MIME encrypt each message with a new symmetric key. Those keys are then encrypted for each recipient of the message. This way, instead of duplicating the message (which could be very large) for each recipient, everyone gets the same ciphertext, and only the key (which is small) is duplicated—but encrypted differently for each recipient.

Maybe you could do something similar here, encrypting the key with the user's password, and encrypting another copy with your public key. If the user forgets their password, you can recover the message for them (after an appropriate backup identity verification) using your private key.

like image 111
erickson Avatar answered Sep 21 '22 18:09

erickson

The conventional solution is to have a "recovery agent": one user that holds a second password that can be used to decrypt all data. Strict usage policies would apply to using the recovery password, such as putting it physically into a safe.

Then, either encrypt all data twice: once with the user key and once with the recovery key; alternatively, generate a session key for every set of data, and encrypt the data only once, but the session key twice.

For that to work, at least the key of the recovery agent must be asymmetric, since the private part will live in the safe, and the public key in the software.

As yet another alternative using the same scheme: encrypt the user's passwords with the recovery key on password change. This is simpler to implement, but will allow to recover the passwords and not just the data, which may be undesirable.

like image 24
Martin v. Löwis Avatar answered Sep 23 '22 18:09

Martin v. Löwis
Sign in to Comment

Related questions

PHPMailer, AddStringAttachment and Data URI Scheme
Passing JSON-encoded variable from PHP to Javascript via POST
Creating functions without parentheses in PHP like 'echo'
Is there something like for i in range(length) in PHP?
Custom rendering of Zend_Navigation
Cruise Control as PHPUnderControl vs. Hudson for PHP
php split array into smaller even arrays
MySQLi PHP: Check if SQL INSERT query was fully successful using MySQLi
Reload AJAX data every X minutes/seconds, jQuery
Problems displaying French accented characters in UTF-8
Get MD5 Checksum for Very Large Files
CodeIgniter/PHP Active Record won't increment an integer
Manage Facebook Page tab apps via Open Graph API?
Codeigniter best practices with external stylesheets, scripts, includes, etc
GPS radius search with Php 5 and MySQL
Can I preview the XML that PHP SOAP wants to send before sending it?
PHP Catching a SimpleXMLElement parse error [closed]
What's the best way to capture a signature online?
What is the purpose of interfaces in php?
PHP Get Page Load Stats - How to measure php script execution / load time

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!