[nycphp-talk] Encrypt and decrypt to store in DB
Flavio daCosta
nyphp at n0p.net
Fri Aug 4 13:15:08 EDT 2006
On 08/04/2006 12:18 PM, Mitch Pirtle wrote:
> So a client comes up to you with an intent to require encrypted data
> in the database. This of course requires two-way encryption, which
> unfortunately means you gotta store the keys on the webserver to
> decrypt the data.
There was a similar thread about a year ago:
<http://lists.nyphp.org/pipermail/talk/2005-June/thread.html#15222>
which I commented on, (and perhaps should have used the term
'Multilayer' instead of 'Multifactor')
There are some interesting "Translucent Database" techniques out there
(a quick google shows a few links to follow for more info), but they can
get difficult to implement correctly and thus loose the security you
_think_ you have.
flav
More information about the talk
mailing list