tags:

views:

78

answers:

4
+2  Q: 

Two-way encryption on a local webserver that could get stolen

I have an offline kiosk computer that will be running a LAMP web server and hosting a form for people to walk up and fill out. The data they submit will be encrypted and stored in a MySQL database (all stored locally on that machine).

The concern is that if the entire box was stolen, someone would potentially be able to get into the code, see the encryption keys and decrypt the data.

Is there any way to accomplish this set up in a way renders the encrypted data useless even if the entire machine is stolen? (i.e. an encryption password that is kept elsewhere, but still allows the newly entered form data to be encrypted and stored while the kiosk is in use)?

Thanks.

+3  A: 

Try this: http://andytson.com/blog/2009/07/php-public-key-cryptography-using-openssl/

Alex Howansky  2010-10-14 15:27:53
This is what you need. Public key encryption can allow anyone with the public key (e.g., the kiosk) to encrypt and only the holder of the private key (you) to decrypt. However, you won't be able to use the data in the database on the kiosk.
rojoca  2010-10-14 15:37:31
Awesome. Thank you. I think this is exactly what I need.
insomniak29  2010-10-14 15:44:34
Uhm.. but it's not two-way on the kiosk?
Øyvind Skaar  2010-10-15 07:11:54
The kiosk is just for collecting the data. The data would periodically be pulled from the kiosk and taken back to the office where it would be decrypted.
insomniak29  2010-10-15 13:57:40
A: 

How smart are your "attackers"?

You could but the key in ram, that way it would (kind of) disappear when the machine looses power. To do this you can mount some ram as a partition (ramdisk) and let the code load the key from there.

But, keeping the key from ever touching the disk can be difficult. The OS can, for example, swap it out.

Edit:

Smart attackers could circumvent this by either:

  1. Copying the key before they steal the box
  2. Dig around the disk in order to find the key.. or maybe parts of it and brute force the rest. As I said, keeping the key from ever touching the disk can be difficult ..

You could also do some light anti reverse-engineering and piece the code together in the code. That way, it would not be trivial (but not that hard either) to read it out.

Øyvind Skaar  2010-10-14 15:28:42
A: 

keyfiles on USB Stick???

w13531  2010-10-14 19:31:43
A: 

You can use the Asymmetric encryption algorithms (Ex. RSA) to achieve this. With that you will be having a pair of keys, a private and a public. And as the name suggest , the public key will be available to everyone, so the user data can be encrypted with this public key, and the encrypted data is only decrypted using the corresponding private key, which in tour case machine owner will keep. Thus Even in case someone steal your machine, it will be very difficult for person to decrypt the data.

Tara Singh  2010-10-15 06:47:17

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL