Encrypt critical data in the database

Asked

Viewed 106 times

0

Thinking about security, and minimizing the problems in case someone disabled can have remote access to the database server, I thought to encrypt the critical data.

Critical data examples (defined by the client):

  • Credit card number: string;
  • Credit card security code: whole;
  • Wages: currency;
  • Social reason: string;
  • CPNJ: string;
  • Full name: string;
  • CPF: string;
  • Revenue values: currency;
  • Dates of receipt: currency;

But it would not be feasible if it lost functionality in the encrypted fields like:

  • order by CAMPO_CRIPTOGRAFADO
  • group by CAMPO_CRIPTOGRAFADO
  • Where/having CAMPO_CRIPTOGRAFADO like 'AB%'
  • Where/having CAMPO_CRIPTOGRAFADO between 50 and 56
  • Where/having CAMPO_CRIPTOGRAFADO between '2016-01-01' and '2016-01-31'
  • Where/having CAMPO_CRIPTOGRAFADO > 23
  • Where/having CAMPO_CRIPTOGRAFADO < '2016-01-01'

Is there any relational database, preferably freeware, that supports field encryption without losing the above features?

  • I don’t know this, thinking theoretically it must be complex to decrypt, so I believe that if I find something with these properties it will be as deceptive as not having encryption.

  • 1

    @pmargreff, all the houses have keys or padlocks, and all the keys are swindlable, but that’s why you keep locking your house, isn’t it? I know there’s nothing 100% safe, but I’ll try to make it as difficult as possible.

  • 4
    1. The real security flaw here is in unauthorized access to your database server; 2) In the same way that someone unauthorized obtained a password/user from another person, could also obtain the cryptographic key; 3) The complexity of what you suggest is gigantic near the ease of properly configuring your server’s security options.
  • @Allanandrade but this you are not considering the extra effort to do the reordering (which you even asked the question), imagine having to check the sofas of the houses according to their size, it is easier and faster to keep all doors locked and keep opening one at a time for checking or keeping a good number of security guards on the street and open houses?

  • 2

    What you want is already possible in theory - look for "Homomorphic cryptography" for more details. However, as far as I know, only IBM was able to actually do it as proof of concept a few years ago. That is, this is still far from being available to the general public, I do not believe that there is any database today that implements the technique, much less freeware.

  • @mgibsonbr Thank you so much for the tip!

  • @Allanandrade Has the answer solved what was in doubt? Do you need something else to be improved? Do you think it is possible to accept it now?

Show 2 more comments

1 answer

4

First, follow what Lacobus says in the question comment.

One of the things you should do is encrypt the database as a whole. It is not a 100% secure solution, but it is the simplest to do and it will probably give you the best security you can get.

Once this is done, access will be transparent. But if the server is compromised, the information will not be safe. The only way to ensure that the information is never accessed improperly is to ensure that it is not possible in a proper way :) And worse, the improper one day can happen with a lot of effort and discovery that the technique used was not as good as imagined. The proper form of access will probably not occur because no one will strive for it. That is, it is impossible to do what you want.

Essentially every database on the market allows you to do the encryption one way or another, even the Sqlite that is very simple achieves with a small additional effort.

If you want to encrypt only something specific gives also.

Encryption works on persistence (on storage), a compromised server can be accessed at other points where the data is not encrypted, memory for example.

You could have a cryptography end-to-end, which would destroy the database function.

  • Interesting. But why exactly would an end-to-end encryption destroy the database function? See Mega, for example. The files are stored on the server, but only the user has the key.

  • I don’t know what they do and they deliver what they promise, but if only those who consume the die can decipher it, as a query can be processed in the database? It would only have encrypted information. It becomes impossible to manipulate any data, will have to deliver all raw and the customer turns to filter and do other operations. It makes no sense.

  • It’s true. I understand.

  • @bigown, thank you for your attention. Considering that all the parameters so that no one has improper access to the server are being provided. But also thinking about the hypothesis that even so, someone might gain access. How to minimize data compromise? You suggested to encrypt the database as a whole.... how to do this with Mysql? What else can be done to avoid compromising the data. From this already thank you very much for the attention and "+1" for the answer.

  • @Allanandrade Every database has a way to do it, some do not have resources so handy. You need to ask specifically for Mysql. I can’t think of anything else that can be done. With the encryption the stored data is secure, I don’t know if you need to do anything else. The problem is what goes to memory. There is not much to do there, at least not something viable.

  • @bigown, I changed the question to be specific to Mysql.

  • As you are already dealing with the subject between you, I will not meddle, but if I had not read the comments here I would have reversed the edition, is what I do when the author changes the essential and there are already answers. Even, the fact of being Mysql is not relevant, the problem is more fundamental, lies in the concept of the layers and their functions.

  • @Bacco boa, feito.

Show 3 more comments

Browser other questions tagged

You are not signed in. Login or sign up in order to post.