Security

  • marcelo6@gmail.com

    Security

    Hi,

    What is more secure?

    Encrypting data using PHP functions before sending it to the database (MySQL), or
    encrypting directly in the database, using the encryption functions of the database
    server?

    Ex:

    $key = "this is a secret key";
    $input = "Let us meet at 9 o'clock at the secret place.";
    ---
    $encrypted_data = mcrypt_ecb(MCRYPT_AES, $key, $input, MCRYPT_ENCRYPT);
    or
    $query = "insert into myTable (text)
    values(AES_ENCRYPT('".$input."','".$key."'))";

    I think encrypting data directly with PHP is better because the
    information is sent already encrypted to the database server, but I'm not
    sure.

    Thanks

  • Andy Jeffries

    #2
    Re: Security

    On Tue, 09 May 2006 13:50:27 -0700, marcelo6@gmail.com wrote:
    > What is more secure?
    >
    > I think encrypting data directly with PHP is better because the information
    > is sent already encrypted to the database server, but I'm not sure.

    I would hope for a given algorithm they are equally secure...

    Either way you have to have the key in the script, so I'd say whichever
    takes your fancy.

    It then depends on if your database and PHP are on the same machine and if
    not, how secure is the network between the two.

    Cheers,


    Andy
    > Encrypting data using PHP functions before sending it to the database (MySQL), or
    > encrypting directly in the database, using the encryption functions of the database
    > server?
    >
    > Ex:
    >
    > $key = "this is a secret key";
    > $input = "Let us meet at 9 o'clock at the secret place."; ---
    > $encrypted_data = mcrypt_ecb(MCRYPT_AES, $key, $input, MCRYPT_ENCRYPT);
    > or
    > $query = "insert into myTable (text)
    > values(AES_ENCRYPT('".$input."','".$key."'))";
    >
    > Thanks

    --
    Andy Jeffries MBCS CITP ZCE | gPHPEdit Lead Developer
    http://www.gphpedit.org | PHP editor for Gnome 2
    http://www.andyjeffries.co.uk | Personal site and photos


    • Gordon Burditt

      #3
      Re: Security

      >What is more secure?
      >
      >Encrypting data using PHP functions before sending it to the database (MySQL), or
      >encrypting directly in the database, using the encryption functions of the database
      >server?

      What is your threat model? What is the risk of someone listening
      in on your PHP<-->DB connection? (The DB and PHP are often on the
      same host, or if not, on the same LAN). Does the DB log queries?
      Where are the DB backups kept?

      Then again, if the DB and PHP are on the same host, and the thief
      steals the whole host, he's got both the encrypted data and the
      key, with either setup.
      >$key = "this is a secret key";
      >$input = "Let us meet at 9 o'clock at the secret place.";
      >---
      >$encrypted_data = mcrypt_ecb(MCRYPT_AES, $key, $input, MCRYPT_ENCRYPT);
      >or
      >$query = "insert into myTable (text)
      >values(AES_ENCRYPT('".$input."','".$key."'))";
      >
      >I think encrypting data directly with PHP is better because the
      >information is sent already encrypted to the database server, but I'm not
      >sure.

      If the threat model is only someone tapping the connection between
      PHP and the database, but not breaking into either server, I think
      you're right. But I'm not so sure that is a common threat model.

      Gordon L. Burditt

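The application-side approach from the question, reworked as an added example (not code from the thread or from any of the posters) that also illustrates Gordon's threat-model point: when the application encrypts, the database server, its query log and its backups only ever receive ciphertext, whereas with AES_ENCRYPT(plaintext, key) both the plaintext and the key travel to the server inside the statement. It targets current PHP (7.1 or later, with the openssl and pdo_sqlite extensions); an in-memory SQLite table stands in for the MySQL server. The table name myTable and the column text come from the question; the iv and tag columns, the APP_DATA_KEY environment variable and the fallback demo key are assumptions made for this example.

```php
<?php
// Added example, not code from the thread. Application-side encryption with
// AES-256-GCM and a parameterized INSERT. Assumes PHP 7.1+ with the openssl and
// pdo_sqlite extensions. Table "myTable" / column "text" are from the question;
// the iv/tag columns, the key source and the demo key are constructed here.

const CIPHER    = 'aes-256-gcm';
const NONCE_LEN = 12;   // 96-bit nonce, the recommended size for GCM

// The key never appears in SQL text. It is read from an environment variable
// (hex-encoded 32 bytes; assumed name); a real deployment would use a secrets
// store. The fallback is a constructed demo key so the script runs stand-alone.
function loadKey(): string
{
    $hex = getenv('APP_DATA_KEY');
    if (is_string($hex) && preg_match('/^[0-9a-f]{64}$/i', $hex)) {
        return hex2bin($hex);
    }
    return hash('sha256', 'demo-only key, not for production', true);
}

// Fresh random nonce per row. ECB mode, as in mcrypt_ecb, maps equal plaintext
// blocks to equal ciphertext blocks; GCM also authenticates the ciphertext, so a
// modified row fails to decrypt instead of yielding garbage.
function encryptField(string $key, string $plaintext): array
{
    $iv  = random_bytes(NONCE_LEN);
    $tag = '';
    $ct  = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed: ' . openssl_error_string());
    }
    return ['iv' => $iv, 'tag' => $tag, 'ct' => $ct];
}

// Returns null when the tag does not verify (wrong key, or modified iv/tag/ct).
function decryptField(string $key, string $iv, string $tag, string $ct): ?string
{
    $pt = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    return $pt === false ? null : $pt;
}

function demo(): void
{
    $key = loadKey();
    $pdo = new PDO('sqlite::memory:');   // stand-in for the MySQL server
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE myTable (id INTEGER PRIMARY KEY, iv BLOB, tag BLOB, text BLOB)');

    $input = "Let us meet at 9 o'clock at the secret place.";   // from the question
    $row   = encryptField($key, $input);

    // Bound parameters instead of "values('".$input."')": no SQL injection, and the
    // statement the server sees (and logs, and backs up) carries ciphertext only.
    $stmt = $pdo->prepare('INSERT INTO myTable (iv, tag, text) VALUES (:iv, :tag, :text)');
    $stmt->bindValue(':iv',   $row['iv'],  PDO::PARAM_LOB);
    $stmt->bindValue(':tag',  $row['tag'], PDO::PARAM_LOB);
    $stmt->bindValue(':text', $row['ct'],  PDO::PARAM_LOB);
    $stmt->execute();

    $stored = $pdo->query('SELECT iv, tag, text FROM myTable')->fetch(PDO::FETCH_ASSOC);
    echo 'stored ciphertext (hex): ', bin2hex($stored['text']), PHP_EOL;

    $back = decryptField($key, $stored['iv'], $stored['tag'], $stored['text']);
    echo 'round trip ok: ', var_export($back === $input, true), PHP_EOL;

    // Flip one ciphertext bit, as a corrupted or tampered backup row would.
    $tampered    = $stored['text'];
    $tampered[0] = chr(ord($tampered[0]) ^ 0x01);
    $rejected    = decryptField($key, $stored['iv'], $stored['tag'], $tampered) === null;
    echo 'tampered row rejected: ', var_export($rejected, true), PHP_EOL;
}

demo();
```

Run it with `php example.php`, optionally with `APP_DATA_KEY` set to 64 hex characters. Note that Andy's point still stands: the PHP process holds the key, so an attacker who takes the web host gets both key and data; what this layout changes is that the database side (connection, logs, backups, a compromised DB host) sees only ciphertext and a random nonce per row.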

      • Chung Leong

        #4
        Re: Security

        marcelo6@gmail.com wrote:
        > I think encrypting data directly with PHP is better because the
        > information is sent already encrypted to the database server, but I'm not
        > sure.
        >
        > Thanks

        I would say, theoretically, performing the encryption is safer on the
        database, as PHP runs in a more vulnerable user account. The database
        server is typically protected by a firewall, whereas the web server is
        open to the Internet.
