I'm looking for guidance on encrypting fields (and/or tables if possible) for MySQL. I will settle for a decent tutorial but I'd really like specific tips on managing the transition from an unencrypted schema to one utilizing encrypted fields. Thanks!
A:
There are (at least) two approaches actually. You can encrypt data stored in your tables (using EAS/DES functions for example http://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html)
Or you can use encrypted hard disk partition to store your data folders (for example with TrueCrypt)
Mchl
2010-08-02 18:17:21
+1
A:
Along with AES_ENCRYPT for the fields, if you are storing sensitive information, better enable SSL over the wire too. Also consider network separation (vlan) of the sensitive database machines and other standard security practices. Key storage is important (where is that shared aes key hanging out, surely not on the webserver(s)!) and consider the impact on indexes/queries since searching or joining table data will not be as simple as it once was.
Jumby
2010-08-02 19:22:33
Thanks, some good considerations here
Joe
2010-08-04 15:24:47
+1
A:
Think what you try to achieve with the encryption? There's no simple secure solution unfortunately.
Remember that the key you are using for encryption can be fetched from your code. So from hacker perspective, getting around that encryption is quite easy. You need to think your architecture and infra as well.
A:
What's the value of encrypting the database at the field level? Is this what you really want, or will it be sufficient to encrypt at the OS or SAN level? Do you plan to roll-over the keys, or just keep the same encryption key for eternity? Will encryption break table indexes, references or field types? How will you share the encryption key across a database cluster?
I'm only raising these points because database encryption is usually something management wants, but no-one really can explain the value-add or how it will be implemented...
Simon Ellis
2010-08-04 05:44:10