Re: Searchable/Sortable Encrypted Fields in MySQL?
Hello.
Where are you going to store the key? You could use subqueries for
manipulations with encrypted data. Here is the example, however,
you should turn of binary logging, because insert statements are being
stored with key.
create table pwd(id int auto_increment, pass char(100), primary
key(id));
insert into pwd set pass=aes_encrypt('coolpass1','123');
insert into pwd set pass=aes_encrypt('anothercoolpass2','123');
mysql select pass from (select aes_decrypt(pass,'123') as pass from
pwd) as unencrypted order by pass asc;
+--+
| pass |
+--+
| anothercoolpass2 |
| coolpass1|
+--+
mos [EMAIL PROTECTED] wrote:
At 04:16 PM 7/12/2005, Matt McNeil wrote:
I need to securely store lots of sensitive contact information and
notes in a (MySQL or other freely available) database that will be
stored on a database server which I do not have direct access to.
This database will be accessed by a PHP application that I am
developing. However, I also need to be able to search/sort these data
with the database functions (SELECT, ORDER BY, etc) so simple PASSWORD
style encryption
of specific fields would not work. (For example, I need to encrypt
contacts' names, but need to be able to sort results by name). (I
realize I could load the entire table into memory with PHP and
process/search/sort it there, but
that's obviously not a very good solution). Ideally I would like to
encrypt entire tables. An encrypted file system is not really an
option, because the goal is to prevent loss if the database server is
hacked (in addition, I wouldn't be able to install an encrypted file
system on the database server).
Any suggestions?
Matt,
Transparent encryption is not possible with MySQL. I've pondered
this problem myself and haven't found a solution other than using a
different database.
Mike
--
For technical support contracts, goto https://order.mysql.com/?ref=ensita
This email is sponsored by Ensita.NET http://www.ensita.net/
__ ___ ___ __
/ |/ /_ __/ __/ __ \/ /Gleb Paharenko
/ /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED]
/_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.NET
___/ www.mysql.com
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Searchable/Sortable Encrypted Fields in MySQL?
I need to securely store lots of sensitive contact information and notes in a (MySQL or other freely available) database that will be stored on a database server which I do not have direct access to. This database will be accessed by a PHP application that I am developing. However, I also need to be able to search/sort these data with the database functions (SELECT, ORDER BY, etc) so simple PASSWORD style encryption of specific fields would not work. (For example, I need to encrypt contacts' names, but need to be able to sort results by name). (I realize I could load the entire table into memory with PHP and process/search/sort it there, but that's obviously not a very good solution). Ideally I would like to encrypt entire tables. An encrypted file system is not really an option, because the goal is to prevent loss if the database server is hacked (in addition, I wouldn't be able to install an encrypted file system on the database server). Any suggestions? Thanks much, Matt
Re: Searchable/Sortable Encrypted Fields in MySQL?
At 04:16 PM 7/12/2005, Matt McNeil wrote: I need to securely store lots of sensitive contact information and notes in a (MySQL or other freely available) database that will be stored on a database server which I do not have direct access to. This database will be accessed by a PHP application that I am developing. However, I also need to be able to search/sort these data with the database functions (SELECT, ORDER BY, etc) so simple PASSWORD style encryption of specific fields would not work. (For example, I need to encrypt contacts' names, but need to be able to sort results by name). (I realize I could load the entire table into memory with PHP and process/search/sort it there, but that's obviously not a very good solution). Ideally I would like to encrypt entire tables. An encrypted file system is not really an option, because the goal is to prevent loss if the database server is hacked (in addition, I wouldn't be able to install an encrypted file system on the database server). Any suggestions? Matt, Transparent encryption is not possible with MySQL. I've pondered this problem myself and haven't found a solution other than using a different database. Mike -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
