Ask HN: Protecting database information?

1 point | tixocloud | 9 years ago

Hi,

What's the best way to protect information in a database? The information should be readable from a web application but assuming the database gets hacked, the information should be safe.

An idea I had was to cipher information before inserting into the database but I guess all an attacker needs is the key in order to unlock it.

I'm not great with security so I'm hoping you folks on HN would have some ideas.

9 comments

coo1k | 9 years ago
Disclaimer: I am far from a security expert.

If your website is used by authenticated users, i.e. requiring a username and password to log in, then you could use their password to encrypt relevant data and decrypt it at runtime when the user logs in. However, make sure you destroy the password and decrypted information from memory after the user logs out or after a certain timeout, whichever is earlier.

Since now you are not storing keys on your server, the attacker won't be able to decrypt sensitive information even if he gains administrative access to your server. Each user will be holding the key in the form of his password. The attacker will have to get the password of each user.

Use HTTPS so that the attacker won't be able to sniff out the password of the user.

Downsides:

1. Forgot password functionality will be hard to implement.
2. If users try to log in to your application after the attacker gains access to it, the attacker will come to know the password and use it to decrypt information pertaining to that user.
3. Even you won't be able to see the information since you won't have the decryption key.
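An added illustration of the scheme described in the comment above (not part of the thread and not any commenter's code), in Node.js: the password derives a key that wraps a random per-user data key, so a password change re-wraps one key instead of re-encrypting every row, which goes slightly beyond what the comment says. The function names and the scrypt parameters are assumptions chosen for the example.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Throws if the key is wrong or the blob was modified.
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Key-encryption key from the password (cost parameters are assumptions).
function deriveKek(password, salt) {
  const opts = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
  return crypto.scryptSync(password, salt, 32, opts);
}

// Registration: the server stores only the salt and the wrapped data key.
function enroll(password) {
  const salt = crypto.randomBytes(16);
  const dataKey = crypto.randomBytes(32);
  const user = { salt, wrappedKey: seal(deriveKek(password, salt), dataKey) };
  dataKey.fill(0); // do not keep the plaintext key around
  return user;
}

// Login: recover the data key into memory; call .fill(0) on it at logout/timeout.
function unlock(user, password) {
  return unseal(deriveKek(password, user.salt), user.wrappedKey);
}

// Password change: re-wrap the same data key; stored rows stay untouched.
function changePassword(user, oldPassword, newPassword) {
  const dataKey = unlock(user, oldPassword);
  const salt = crypto.randomBytes(16);
  const updated = { salt, wrappedKey: seal(deriveKek(newPassword, salt), dataKey) };
  dataKey.fill(0);
  return updated;
}
```

Without the old password there is nothing on the server that can unwrap the data key, which is the "forgot password" downside listed in the comment.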

tixocloud | 9 years ago
Thanks. That's a very interesting idea - I like it since users can't access each other's information.

Now I'll just have to think about handling the "Forgot Password" functionality. I'm not sure for #3 if I do need to see the information although I worry that my users would be using it for nefarious purposes.

zimpenfish | 9 years ago
I think it was on here that someone recommended this -

http://www.wayner.org/node/46

> Translucent databases provide better, deeper protection by scrambling the data with encryption algorithms. The solutions use the minimal amount of encryption to ensure that the database is still functional. In the best applications, the personal and sensitive information is protected but the database still delivers the information.

(Disclaimer: I haven't read it yet)