List:General Discussion« Previous MessageNext Message »
From:Mike Franon Date:February 5 2013 2:42pm
Subject:Re: file level encryption on mysql
View as plain text  
Which is the best way ?

I see you can do it from PHP itself

http://coding.smashingmagazine.com/2012/05/20/replicating-mysql-aes-encryption-methods-with-php/


or can use mysql AES?

http://security.stackexchange.com/questions/16473/how-do-i-protect-user-data-at-rest

From what I understand we need two way and one way encryption.  Is the
best way what the first article is recommending?



On Tue, Feb 5, 2013 at 9:20 AM, Reindl Harald <h.reindl@stripped> wrote:
> you have to encrypt them in the application and
> make the key stored as safe as possible, however
> for a full intrution there is no way to protect
> data which can not be only hashed
>
> somewhere you need the information how to encrypt them
>
> Am 05.02.2013 15:18, schrieb Mike Franon:
>> I tried all these methods and you are right this is not going to work for us.
>>
>> I am not a developer, does anyone have any good links or reference to
>> the best way I can share with my developers on best way to encrypt and
>> decrypt personal user info.
>>
>> We do not store credit cards, but want to store 3 tables that have
>> email address, ip address, and personal info.
>>
>> On Sun, Feb 3, 2013 at 12:57 PM, Reindl Harald <h.reindl@stripped>
> wrote:
>>>
>>>
>>> Am 03.02.2013 18:52, schrieb Mike Franon:
>>>> Hi,
>>>>
>>>> I was wondering what type of encryption for linux would you recommend
>>>> to encrypt the database files on the OS level? I had a hard time
>>>> starting the database after I moved it to a partiton with encryptFS
>>>>
>>>> I only need 3 tables encrypted and know it is better to do it from the
>>>> application, but unfortunately that cannot happen for a while.
>>>>
>>>> Has anyone done OS file level encryption, and if so which one did they
> use?
>>>
>>> https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS
>>>
>>> but this all is useless in case of intrusion because the FS
>>> is unlocked and you have no gain - FS encryption only matters
>>> if your notebook or disks get stolen which is unlikely on a server
>
Thread
file level encryption on mysqlMike Franon3 Feb
  • Re: file level encryption on mysqlReindl Harald3 Feb
    • Re: file level encryption on mysqlMike Franon5 Feb
      • Re: file level encryption on mysqlReindl Harald5 Feb
        • Re: file level encryption on mysqlMike Franon5 Feb
          • RE: file level encryption on mysqlRick James5 Feb
            • Re: file level encryption on mysqlspameden12 Mar