On 5/15/07, Ratheesh K J <ratheesh.kj@stripped> wrote:
> Hello all,
> I have a requirement of maintaining some secret information in the
> database. And this information should not be visible/accessible to any other
> person but the owner of the data.
> Whilst I know that encryption/decryption is the solution for this, are
> there any other level of security that I can provide to this?
> Which is the best security technique used in MySQL to store seceret
> PS: Even the database admin should not be able to access anybody else's
mcrypt is the right way to go.
The security goals as you've stated them are quite hard to accomplish. For
example, if the data is that sensitive and if a traditional block cipher is
used, the key has to be hanging around somewhere in order to encrypt the
Public/private key encryption would solve this issue. I have not
investigated whether mcrypt supports this. But in any case the public key
would be used to encrypt the data going into the database, and the private
key would be used to examine the data.