Re: Searchable/Sortable Encrypted Fields in MySQL?
Hello. Where are you going to store the key? You could use subqueries for manipulations with encrypted data. Here is the example, however, you should turn of binary logging, because insert statements are being stored with key. create table pwd(id int auto_increment, pass char(100), primary key(id)); insert into pwd set pass=aes_encrypt('coolpass1','123'); insert into pwd set pass=aes_encrypt('anothercoolpass2','123'); mysql select pass from (select aes_decrypt(pass,'123') as pass from pwd) as unencrypted order by pass asc; +--+ | pass | +--+ | anothercoolpass2 | | coolpass1| +--+ mos [EMAIL PROTECTED] wrote: At 04:16 PM 7/12/2005, Matt McNeil wrote: I need to securely store lots of sensitive contact information and notes in a (MySQL or other freely available) database that will be stored on a database server which I do not have direct access to. This database will be accessed by a PHP application that I am developing. However, I also need to be able to search/sort these data with the database functions (SELECT, ORDER BY, etc) so simple PASSWORD style encryption of specific fields would not work. (For example, I need to encrypt contacts' names, but need to be able to sort results by name). (I realize I could load the entire table into memory with PHP and process/search/sort it there, but that's obviously not a very good solution). Ideally I would like to encrypt entire tables. An encrypted file system is not really an option, because the goal is to prevent loss if the database server is hacked (in addition, I wouldn't be able to install an encrypted file system on the database server). Any suggestions? Matt, Transparent encryption is not possible with MySQL. I've pondered this problem myself and haven't found a solution other than using a different database. Mike -- For technical support contracts, goto https://order.mysql.com/?ref=ensita This email is sponsored by Ensita.NET http://www.ensita.net/ __ ___ ___ __ / |/ /_ __/ __/ __ \/ /Gleb Paharenko / /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED] /_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.NET ___/ www.mysql.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Searchable/Sortable Encrypted Fields in MySQL?
I need to securely store lots of sensitive contact information and notes in a (MySQL or other freely available) database that will be stored on a database server which I do not have direct access to. This database will be accessed by a PHP application that I am developing. However, I also need to be able to search/sort these data with the database functions (SELECT, ORDER BY, etc) so simple PASSWORD style encryption of specific fields would not work. (For example, I need to encrypt contacts' names, but need to be able to sort results by name). (I realize I could load the entire table into memory with PHP and process/search/sort it there, but that's obviously not a very good solution). Ideally I would like to encrypt entire tables. An encrypted file system is not really an option, because the goal is to prevent loss if the database server is hacked (in addition, I wouldn't be able to install an encrypted file system on the database server). Any suggestions? Thanks much, Matt
Re: Searchable/Sortable Encrypted Fields in MySQL?
At 04:16 PM 7/12/2005, Matt McNeil wrote: I need to securely store lots of sensitive contact information and notes in a (MySQL or other freely available) database that will be stored on a database server which I do not have direct access to. This database will be accessed by a PHP application that I am developing. However, I also need to be able to search/sort these data with the database functions (SELECT, ORDER BY, etc) so simple PASSWORD style encryption of specific fields would not work. (For example, I need to encrypt contacts' names, but need to be able to sort results by name). (I realize I could load the entire table into memory with PHP and process/search/sort it there, but that's obviously not a very good solution). Ideally I would like to encrypt entire tables. An encrypted file system is not really an option, because the goal is to prevent loss if the database server is hacked (in addition, I wouldn't be able to install an encrypted file system on the database server). Any suggestions? Matt, Transparent encryption is not possible with MySQL. I've pondered this problem myself and haven't found a solution other than using a different database. Mike -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]