Page 1 of 1

AES and mySQL

Posted: Sun Jan 27, 2008 2:08 am
by JasonKerner
Hi,

I've been looking at using PHP with mySQL and running the routines to encrypt data using the AES_encrypt and AES_decrypt routines. The question I have, is where do you store the key/cipher so that people can't easily get that? Surely you can't just hardcode it into the script?

Jason

Re: AES and mySQL

Posted: Sun Jan 27, 2008 9:24 am
by Mordred
What are you encrypting? If it's login passwords, don't ;)
Also, which people aren't supposed to get the said key - the NSA/CIA/FBI/MI5, your hosting, your site admin?

Re: AES and mySQL

Posted: Sun Jan 27, 2008 11:00 am
by JasonKerner
I mean in terms of someone managing somehow to download one of the php scripts and find the key from looking at the mysql statements. Is it worth putting the key in a non accessible folder that apache doesn't access? I have full access to the entire server structure.

Re: AES and mySQL

Posted: Fri Feb 01, 2008 1:31 am
by bdlang
It's usually recommended to store the AES key within MySQL.

Re: AES and mySQL

Posted: Fri Feb 01, 2008 1:45 am
by JasonKerner
Ok, heres a question then, if I store the AES key inside the mySQL database, how do I protect the mySQL password in the PHP script that actually runs the connect statement properly?

Somewhere along the line a password is going to be hardcoded into the script? Or is there a better way of doing the connect statement?

Thanks for all the help so far on this thread

Jason

Re: AES and mySQL

Posted: Fri Feb 01, 2008 2:01 am
by JamesRavenscroft
I've been programming in PHP for a while (not long enough but still) and I've found that generally, the convention is to program the mysql password into a config file that can often be publicly accessible. The security risk - as far as I'm aware - isn't that high because if somebody was to try and HTTP GET your config file, PHP would just do the instructions within - set a few variables to usernames and passwords silently - and then exit. This means the end user sees a blank screen and your password is safe.

^^Confirmation anyone?

Re: AES and mySQL

Posted: Fri Feb 01, 2008 2:30 am
by Christopher
If the machine is secure then I see no reason not to store the cypher on the machine. Here are the potential dangers as I understand them:

- The danger of storing a password on a shared server is that the permissions may be inadvertently set so that others can read them.

- The danger of putting a password in a PHP script in the public web directory is that if your webserver becomes inadvertently misconfigured it will show the contents of PHP scripts.

- Server is compromised.

Re: AES and mySQL

Posted: Sun Feb 03, 2008 1:24 am
by phpknight
A simple scheme to protect your data, is to use the primary-keys to generate cipher-keys with a one-way hash functions, i.e. crypt, md5, sha in combination with a secret salt.

$cipher_key = crypt( $primary_key , "$2$_a_very_long_salt_at_devnetworks");
or
$cipher_key = md5( $primary_key . "$2$_a_very_long_salt_at_devnetworks");


See also, http://en.wikibooks.org/wiki/Cryptograp ... protection