Certain confidential information (payment information, usernames, passwords, etc.) must be encrypted before it can be stored in my database.
Later, this information must be decrypted in order to be extracted from storage and used later.
If I use, say, AES256 to encrypt my billing address, I still need to save this AES256 key / passphrase in saving.
If the whole point of encrypting the information entering the database is to protect this information, if someone breaks into my database and I keep the key to decrypt the same information in the database, then what is the data encryption point in the first place?
If someone breaks into my database, they will be able to find the stored key and decrypt any encrypted data that they want anyway.
Did I miss something?
source
share