Geek Answers Handbook

Is database encryption less secure than application encryption?

I get the data and use aes or blowfish to encrypt it before storing it in the database, so encryption is done at the application level. If someone steals the database, the data will be relatively safe if they do not steal the application as well (where the key is stored / available).

Now I am studying database encryption with libraries such as ezNcrypt for MySQL , Encryption-GENERAL or SQLCipher .

But I do not quite understand how database encryption works. If the application only transfers raw data to the database, and the database somehow decrypts the data, would this make encryption at the database level less secure if the database were stolen because 100% of the encryption component was stolen?

In my current situation, if the database is stolen, the attacker would have to install the second component (the key, which is at the application level) to decrypt the database. But using database encryption, the database itself is fully responsible for encryption, therefore, having stolen the database, will the attacker not have everything necessary to decrypt the database?

Perhaps I do not understand how decryption works at the database level.

+6
security database mysql encryption
source share
2 answers

The encryption algorithm is applied at different points in the application stack, but at the end of the day the process will be the same regardless of whether you are using an application or a db level solution. The key must be stored somewhere, and if the attacker receives both encrypted data and the key, they have access to the data.

So, the real question comes down to how you store your key:

  • Plaintext - if it is in plaintext somewhere in the file system, then this is your weak point. Maybe this is in the application code, maybe somewhere in the configuration file. In any case, the one who gets administrator access to the server (or just steals a hard drive) has what he needs, and stealth is your only protection.
  • Manual input. If you have a user who enters a key when starting an application / database / PC, you basically * fix the plaintext problem. Instead, you require the user to remember the key, and you refuse the possibility of a fully automated restart (bad news for a server that should not sleep).

* I speak mainly because technically the key is still available in open form somewhere in RAM. But it is much more complicated than something stored on the disk (despite the memory exchange).

As for MySQL, you can find this thread .

+2
source share

What method do you use to authenticate your users? If in each case the authentication method is the same, encryption in the application is unlikely to be more or less secure than in the database. The most likely attack vector is still the same. It seems much less likely that the attacker will actually be able to steal the database, and not just gain access to it - unless you are doing something very stupid.

0
source share

More articles:


All Articles