Hello,
I am creating an application that store sensitive data. Because of the type of application , I am actually saving the data in xml format. So for example I could have name, address, phone and social security.
Should I just encrypt the whole thing or just sensitive data. ?
In general , how taxing it the encryption and decryption process for the mysql database?
Thank you
database encryption
Moderator: General Moderators
Re: database encryption
to me i just usually encrypt sensitive data(sensitive to me maybe isn't sensitive to you) since everytime I insert my sensitive data on my database I have to encrypt it and it will take process time(although its fast) and whenever I need it, I have to decrypt it which again takes processing time before it gets displayed. Now imagine if you're going to do this on all your data, it'll be quite inefficient.
Re: database encryption
Thank you,
After reading a lot of security forums, I decided to encrypt the whole thing. Now all my data is AES encrypted and all my queries use prepared statements. Basically I said to myself,What if it was my data?
After reading a lot of security forums, I decided to encrypt the whole thing. Now all my data is AES encrypted and all my queries use prepared statements. Basically I said to myself,What if it was my data?
-
jason.carter
- Forum Commoner
- Posts: 35
- Joined: Sat Jan 10, 2009 10:05 am
Re: database encryption
Also it might be useful to look at the built in MySQL function for
ENCODE(str,pass_str)
and
DECODE(crypt_str,pass_str)
ENCODE(str,pass_str)
and
DECODE(crypt_str,pass_str)