| Working with an encrypted database |
(05-17-2019, 09:07 AM)jhob Wrote: Although further issue is if encryption key is stored on the server as plain text, as it would be with CI encryption library, and the server is then compromised, attacker would have the key required to decrypt the contents of the database. Are there any solutions that can help to guard against that? I'm no security expert, but maybe a solution would be to store the key on the client side, sent with each request over https? Or some kind of 2 factor authentication, one key on the server and another one sent from the client side, and you need the 2 keys to decrypt the database? Those are just ideas, I don't know if it would be more secure.
CodeIgniter 4 tutorials (EN/FR) - https://includebeer.com
/*** NO support in private message - Use the forum! ***/ |
| Messages In This Thread |
|
Working with an encrypted database - by jhob - 05-17-2019, 02:37 AM
RE: Working with an encrypted database - by dave friend - 05-17-2019, 04:57 AM
RE: Working with an encrypted database - by jhob - 05-17-2019, 09:07 AM
RE: Working with an encrypted database - by dave friend - 05-17-2019, 10:49 AM
RE: Working with an encrypted database - by includebeer - 05-17-2019, 03:39 PM
RE: Working with an encrypted database - by php_rocs - 05-17-2019, 05:41 AM
RE: Working with an encrypted database - by jhob - 05-17-2019, 09:08 AM
|
