Encrypting the database is an efficient measure? How to protect data against leaks?

3

With the recent problems of password leaks and personal information from the most diverse sites, it is evident the lack of zeal as to the storage of such information by certain companies, showing total disregard for the trust of the user that provides such data considered as sensitive.

Some programmers though use hashs to protect passwords, ignore salt . Or, even though passwords are protected, other information such as emails, addresses, and credit card numbers is saved in plain text.

  • Is database encryption the solution?
  • What are the pros and cons of this solution?
  • What about the use of hash algorithms, which ones should be used and how best?
  • How much do these measures affect app performance?
  • asked by anonymous 09.09.2016 / 16:35

    2 answers

    5

    Yes, it is. If you use an appropriate mechanism, usually provided by the databases themselves.

    Some provide the ability to encrypt only a few parts, a column, for example.

    They can also offer different encryption methods. You need to choose one that suits you.

    Note that the password often deserves a different encryption from the database. A database is usually encrypted so data can be easily decrypted when needed. Password usually does not want to be decrypted, which gives more security.

    Data that needs to be decrypted (email, phone, and addresses) provide less security because somewhere it will be decrypted, somewhere it will have a key and a decryption algorithm. It has some techniques to increase security, but in a compromised system it does not have much to do. The only way to give greater security, but far from perfect, is decryption only occurring on the client using public and private keys.

    Leaks occur because of improper security techniques.

    One of the most common failures with passwords is the lack of a good salt . Another is to use * bad hash.

    All this is in the question and create.

    What is the alternative of not doing encryption? Leave without anything? It seems obvious to me that it is worse.

    It will affect performance a bit, but nothing strong.

    For the rest it can be read in the question: How to safely hash passwords? . It's practically a duplicate (at least in that part).

        
    09.09.2016 / 16:46
    0

    Good morning, for passwords I always use a hash sha1 or something that has no return, always mesque with a key of its own like date or text or something that varies from client to client.

    To encrypt user information I advise you to generate a key for each user, it can be a md5 of a NOW () timestamp that works. hence you have a key that nobody has access that one way or another you use it along with the key of the client and encrypts the data of it passing in a crypt or a base64 using this key.

    Once you get the db you will have a hard time figuring out your key to see the content of the generated hashes. The guy would have to invade your system and see in hardcode the key generated.

    ---- I'll give an ex using php ----

    to generate the key for each user

    $key=md5($nomedousuario.$email.date('Ymd'));
    

    What was done there is to generate a unique key for this user prox step you have to have a key of yours or more of a key like I do but in the case I will only illustrate with 1 for you to understand the process.

    $minhakey="87ye7jn789heyn986db87b";
    

    I generated a random key that you can treat it as you want. in my case I do the following

    $key_completa = str_replace("7"," ",$key.$minhakey);
    

    What was done is to remove the number 7 (for freshness) and generate a unique key that no one knows exists, this is the secret of the thing you have to have a key that you know how it was generated to encrypt all the information for that there is a way to read it.

    To encrypt the content you do the following now, let's assume that I have the client's email and want to protect it, it will stay like this, obs. use these functions I'm going through to make the process easier.

    function encrypt($data, $key){
        return base64_encode(
        mcrypt_encrypt(
            MCRYPT_RIJNDAEL_128,
            $key,
            $data,
            MCRYPT_MODE_CBC,
            "
    $email_protegido=encrypt("[email protected]",$key_completa);
    
    $email_legivel=decrypt($email_protegido,$key_completa);
    
    echo base64_encode('$key_completa = str_replace("7"," ",$key.$minhakey);');
    
    JGtleV9jb21wbGV0YSA9IHN0cl9yZXBsYWNlKCI3IiwiICIsJGtleS4kbWluaGFrZXkpOw==
    
    eval(base64_decode('JGtleV9jb21wbGV0YSA9IHN0cl9yZXBsYWNlKCI3IiwiICIsJGtleS4kbWluaGFrZXkpOw=='));
    
    $key=md5($nomedousuario.$email.date('Ymd'));
    
    $minhakey="87ye7jn789heyn986db87b";
    
    $key_completa = str_replace("7"," ",$key.$minhakey);
    
    function encrypt($data, $key){
        return base64_encode(
        mcrypt_encrypt(
            MCRYPT_RIJNDAEL_128,
            $key,
            $data,
            MCRYPT_MODE_CBC,
            "
    $email_protegido=encrypt("[email protected]",$key_completa);
    
    $email_legivel=decrypt($email_protegido,$key_completa);
    
    echo base64_encode('$key_completa = str_replace("7"," ",$key.$minhakey);');
    
    JGtleV9jb21wbGV0YSA9IHN0cl9yZXBsYWNlKCI3IiwiICIsJGtleS4kbWluaGFrZXkpOw==
    
    eval(base64_decode('JGtleV9jb21wbGV0YSA9IHN0cl9yZXBsYWNlKCI3IiwiICIsJGtleS4kbWluaGFrZXkpOw=='));
    
    %pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%" ) ); } function decrypt($data, $key){ $decode = base64_decode($data); return mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $decode, MCRYPT_MODE_CBC, "%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%" ); }
    %pre%%pre%%pre%%pre%%pre%%pre%%pre%" ) ); } function decrypt($data, $key){ $decode = base64_decode($data); return mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $decode, MCRYPT_MODE_CBC, "%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%" ); }

    to encode

    %pre%

    to decode

    %pre%

    To increase security go you can hide the code that generates the key doing so.

    You will transform the entire function into a 64 base

    %pre%

    will return this here

    %pre%

    So just do this to run

    %pre%

    So the guy who has coded will have a hard time figuring out what q is.

    Of course you can use a zend to encrypt your entire php by increasing security

        
    09.09.2016 / 16:43