I have an offline kiosk computer that will be running a LAMP web server and hosting a form for people to walk up and fill out. The data they submit will be encrypted and stored in a MySQL database (all stored locally on that machine).
The concern is that if the entire box was stolen, someone would potentially be able to get into the code, see the encryption keys and decrypt the data.
Is there any way to accomplish this set up in a way renders the encrypted data useless even if the entire machine is stolen? (i.e. an encryption password that is kept elsewhere, but still allows the newly entered form data to be encrypted and stored while the kiosk is in use)?
Thanks.