views: 65

answers: 1

I have a database that will be holding sensitive data, so it should be encrypted in the database. Basically the sensitive data are credentials to another web site. So I want to encrypt them with the users password + salt.

To decrypt the credentials one would need the password.

I see two ways: On login, I could decrypt the credentials, and then store them in the session? Is that safe?

OR

Harder on the user would be to ask again for the password before decrypting the stored passwords/ids?

We don't want to have any ability to use the stored credentials ourselves.

+1  A: 

I highly recommend "Security on Rails" for this. It's a tricky topic, so you'll need to spend some time reading up in order to get it right. They cover exactly this topic, including how to salt the encrypted data, unit test to make sure it is encrypted, and more.

Their sample code shows how to add class methods to ActiveRecord::Base so that you can make any database column encrypted in one line of code. Definitely an idiomatic Rails approach.

It's an awesome read - the unit tests blew me away, so seriously ... go get it.

By the way, when you said

We don't want to have any ability to use the stored credentials ourselves.

you realize that because your code receives the unencrypted data from the user's browser, you do have access to the data in memory before it is encrypted on disk, or when it is unencrypted when the user wants to use that data later. And bad people could get access to that data if they root your box, sneak something into a Ruby eval(), etc.

Encrypting the data does help a lot, though. SQL injection attacks can't get the decrypted data, for example.

Harold L
You could always encrypt the data on the client side and never handle unencrypted data on the server side. The attacker would then have to change the client-side behaviour as well as the server-side behaviour, all without anyone noticing (harder).
Slartibartfast
For the scenario in the question, he needs to handle the credentials for the other web sites unencrypted so that his web site can sign in to the other web sites on behalf of the user.
Harold L
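As an added illustration of the approach the answer describes (a class method that makes a field encrypted in one line), here is a self-contained Ruby sketch of the question's scheme: a key derived from the user's login password plus a per-record random salt, used to seal a stored credential with AES-256-GCM, so nothing stored server-side can be decrypted without the password. This is example code written for this page, not the code from "Security on Rails" or from the original poster; the module and method names (`PasswordSealed`, `sealed_attribute`, `seal_*`/`unseal_*`), the `StoredCredential` class and the PBKDF2 iteration count are assumptions chosen here. It uses only Ruby's standard `openssl` and `base64` libraries and a plain Ruby object in place of an ActiveRecord model.

```ruby
require "openssl"
require "base64"

# Added example (not from the book or the original post). Mixin that makes an
# attribute sealed under a key derived from the owner's login password.
module PasswordSealed
  class WrongPassword < StandardError; end

  ITERATIONS = 200_000  # PBKDF2 work factor: an assumption, tune for your hardware
  KEY_LEN    = 32       # AES-256
  SALT_LEN   = 16
  IV_LEN     = 12       # GCM nonce length
  TAG_LEN    = 16       # GCM authentication tag length

  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # sealed_attribute :foo defines seal_foo(plaintext, password) and
    # unseal_foo(password); the persisted form is readable as foo_sealed.
    def sealed_attribute(name)
      ivar = :"@#{name}_sealed"
      attr_reader :"#{name}_sealed"
      define_method(:"seal_#{name}") do |plaintext, password|
        instance_variable_set(ivar, PasswordSealed.seal(plaintext, password, name.to_s))
      end
      define_method(:"unseal_#{name}") do |password|
        PasswordSealed.unseal(instance_variable_get(ivar), password, name.to_s)
      end
    end
  end

  # Fresh random salt per record, so two users sharing a password get different keys.
  def self.derive_key(password, salt)
    OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                             length: KEY_LEN, hash: "sha256")
  end

  # Returns a Base64 blob laid out as salt || iv || tag || ciphertext. The
  # attribute name is bound as associated data, so a blob copied into another
  # sealed column will not authenticate.
  def self.seal(plaintext, password, aad)
    salt = OpenSSL::Random.random_bytes(SALT_LEN)
    cipher = OpenSSL::Cipher.new("aes-256-gcm")
    cipher.encrypt
    cipher.key = derive_key(password, salt)
    iv = cipher.random_iv
    cipher.auth_data = aad
    ct = cipher.update(plaintext) + cipher.final
    Base64.strict_encode64(salt + iv + cipher.auth_tag + ct)
  end

  def self.unseal(blob, password, aad)
    raw  = Base64.strict_decode64(blob)
    salt = raw[0, SALT_LEN]
    iv   = raw[SALT_LEN, IV_LEN]
    tag  = raw[SALT_LEN + IV_LEN, TAG_LEN]
    ct   = raw[(SALT_LEN + IV_LEN + TAG_LEN)..-1]
    cipher = OpenSSL::Cipher.new("aes-256-gcm")
    cipher.decrypt
    cipher.key = derive_key(password, salt)
    cipher.iv = iv
    cipher.auth_tag = tag
    cipher.auth_data = aad
    (cipher.update(ct) + cipher.final).force_encoding(Encoding::UTF_8)
  rescue OpenSSL::Cipher::CipherError
    # A wrong password derives a wrong key; GCM's tag check then fails,
    # so the caller never sees garbage plaintext.
    raise WrongPassword, "password does not unseal #{aad}"
  end
end

# Hypothetical model standing in for an ActiveRecord row.
class StoredCredential
  include PasswordSealed
  sealed_attribute :remote_password
end

if __FILE__ == $0
  cred = StoredCredential.new
  cred.seal_remote_password("hunter2", "correct horse battery staple")
  puts "stored: #{cred.remote_password_sealed}"
  puts "unsealed: #{cred.unseal_remote_password('correct horse battery staple')}"
end
```

Only `remote_password_sealed` would be written to the database; the derived key exists just for the duration of the `seal`/`unseal` call, which is the point the answer makes about plaintext still passing through server memory.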