Hi users and developers! I deleted the in-reply-to header as everybody misunderstood my first mail. Please give this a thought folks, especially developers, I can help developing it if nessecary.
I want to do transparent encryption. Like being able to choose an encryption scheme of a table or database when created so that the data on disk is always encrypted. I need this as my application doesn't communicate directly with the database. I do it via an application called tilde (http://tilde.tildesoftware.net), sure I can patch tilde (me and some others wrote it), but its not a good solution as I'm sure others need or at least want the same thing. There must be numerous of applications people use to store sensitive data that communicates with databases but without internal support for encryption. For examples Content Management Systems, Calendars, Business Systems, Web Shops etc.. is there anyone out there who think this idea is any good, I think its rather neccesarry. In the users interface it could be implemented as CREATE:ing the table with some extra flags, choose encryption algorithm, nums of bits etc. And when you're asking querys we'll need a new API to be able to send passphrases too. Or maybe encryption should only be turned on at the database level, not the table level, so you just have to pass an extra parameter on the mysql_real_connect()-api (the best thing is probably to create a new API, called something like mysql_connect_wparams(), taking an info-struct containing things like port, host, username, password, database, ssl-option etc..) or maybe just use the database-password as passphrase for the choosen encryption-scheme.. how strong is the PASSWORD()-funtion? is it just some crypt(3)-variant or good shit? come with some ideas! kind regards Tobias Bengtsson PS. Please CC replies on the internals list to me, as I'm only on the general discussion list ------- Missunderstood conversation follow below: On ons, jun 26, 2002 at 09:43:16 -0500, mos wrote: > At 05:40 AM 6/26/2002, Tobias Bengtsson wrote: > >Hi! > > > >I want to store my mysqldatabase encrypted on disk, it contains sensitive > >data. Is there anybody out there doing this already? Or do I have to > >rewrite > >the myisam routines? Or is there another way? > > > >Regards, Tobbe > > > >- > > Tobbe, > MySQL 4.02 has AES_Encrypt and DES_Encrypt which offers good > encryption. See http://www.mysql.com/doc/M/i/Miscellaneous_functions.html. -- `Given enough eyeballs, all bugs are shallow.' 69D6 E76A FC83 E9CA 0747 7A21 3CA3 2ABC 7A33 0551 Registered linux user number 75150 http://tobbe.nu/.sig http://tobbe.nu/pgp --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
