NYCPHP Meetup

[Aaron Fischer]

In my case I am thinking about encrypting (and decrypting) the user's 
social security number.

Where to store the key is a similar problem as where to store the 
username/password credentials for DB access, correct?

I'm in a shared hosting environment so I've got that working against me 
as well.

-Aaron


csnyder wrote:
> By making the decryption key available to the webserver, the benefit
> of encrypting the data in the first place is extremely questionable.
> 
> The only way to safely handle this is to keep the decryption key in a
> separate place. You could either provide it to the original server on
> demand (via a form field) when someone needs to work with the
> encrypted data, or (better yet) you could bring the encrypted data to
> another, locked-down system and perform on-demand decryption there.
> 
> Typically, you're storing credit card details, right? The only
> person/system that needs to decrypt these is the person/system that is
> performing the actual act of charging the card. Nobody else in the
> order chain needs the data, so it should be trivial to set up this
> kind of separation.
>