Cryptography/Database protection

From Wikibooks, open books for an open world

Cryptographic protection of databases, mailing lists, and member lists.

A straightforward protection scheme: One-way hash function with symmetric encryption.

1. Hash the index field with a one-way hash function.

2. Use the value of step 1 as the cipher key to encrypt the data fields.

Symmetric encryption algorithm: the same cipher key is used to encrypt and decrypt data.

Searching the database

Look for the hashed value in the index field of the database and for each matching entry decrypt the data fields using the index field as the cipher key.


Example in PHP code

Some very simple PHP pseudocode to protect your data by encrypting your databases with a one-way hash and Blowfish symmetric encryption.

1. Insert a record of John Doe in an encrypted database.

2. Get the encrypted record of user John Doe and decrypt the data.

Insert a record of John Doe in an encrypted database.

<?php

        require_once("Crypt/Blowfish.php"); // a PEAR class, http://pear.php.net

        $aRecord['email']       =       "johndoe@anisp.localhost"; // The primary key
        $aRecord['name']        =       "John Doe";
        $aRecord['creditnr']    =       "0192733652342" ;

        // crypt - one-way hash of the primary key; the result is used as the cipher key
        $cipher_key = crypt( $aRecord['email'] , "A_SECRET_COMPANY_SALT");

        $bf = new Crypt_Blowfish('ecb');
        $bf->setKey( $cipher_key );

        // crypt_blowfish symmetric encryption to encrypt the data
        $aRecord['email']       = $bf->encrypt( $aRecord['email'] );
        $aRecord['name']        = $bf->encrypt( $aRecord['name'] );
        $aRecord['creditnr']    = $bf->encrypt( $aRecord['creditnr'] );

        // sqlInsert() is a placeholder for your own database insert routine
        $result = sqlInsert( $aRecord ) ;
?>

Get the encrypted record of user John Doe and decrypt the data.

<?php

        require_once("Crypt/Blowfish.php");  // a PEAR class, http://pear.php.net

        $primary_key = "johndoe@anisp.localhost";

        // crypt - one-way hash of the primary key; the result is used as the cipher key
        $cipher_key = crypt(  $primary_key , "A_SECRET_COMPANY_SALT");

        $bf = new Crypt_Blowfish('ecb');
        $bf->setKey( $cipher_key );

        // crypt_blowfish symmetric encryption to encrypt the primary key for a sql select;
        // ECB is deterministic, so this reproduces the value stored at insert time
        $select_key = $bf->encrypt(  $primary_key ) ;

        // sqlSelectWithPKEY() is a placeholder for your own database select routine
        $aRecord = sqlSelectWithPKEY( $select_key );

        // crypt_blowfish symmetric encryption to decrypt the data
        $aRecord['email']       = $bf->decrypt( $aRecord['email'] );
        $aRecord['name']        = $bf->decrypt( $aRecord['name'] );
        $aRecord['creditnr']    = $bf->decrypt( $aRecord['creditnr'] );
?>
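
A variant of the same scheme, as an added example that is not code from the original page: HMAC-SHA-256 replaces crypt() for the searchable index value, and AES-256-GCM with a random nonce per field replaces Blowfish in ECB mode. It assumes PHP 7.1.2 or later with the OpenSSL extension; the function names, $masterKey and the in-memory $db array are hypothetical.

```php
<?php
// Added example (not from the original page). Hypothetical names: $masterKey,
// blindIndex(), recordKey(), sealField(), openField(), and $db as a stand-in table.

function blindIndex(string $email, string $masterKey): string {
    // Keyed one-way value for the index column: deterministic, so it can be
    // searched, but not recomputable without $masterKey.
    return hash_hmac('sha256', 'index|' . $email, $masterKey);
}

function recordKey(string $email, string $masterKey): string {
    // Per-record 32-byte key; the 'data|' label keeps it unrelated to the index value.
    return hash_hkdf('sha256', $masterKey, 32, 'data|' . $email);
}

function sealField(string $plain, string $key, string $aad): string {
    $nonce = random_bytes(12); // fresh nonce for every field, so equal plaintexts differ
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag, $aad);
    return base64_encode($nonce . $tag . $ct);
}

function openField(string $blob, string $key, string $aad): string {
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) {
        throw new RuntimeException('malformed field');
    }
    // Layout: 12-byte nonce, 16-byte tag, ciphertext.
    $pt = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
        substr($raw, 0, 12), substr($raw, 12, 16), $aad);
    if ($pt === false) {
        throw new RuntimeException('authentication failed');
    }
    return $pt;
}

$masterKey = random_bytes(32); // constructed for the demo; assumed to come from a key store
$email = 'johndoe@anisp.localhost';
$idx = blindIndex($email, $masterKey);
$key = recordKey($email, $masterKey);

// Insert: the index column holds only the HMAC; the AAD binds each value to its row and column.
$db = [$idx => [
    'name'     => sealField('John Doe', $key, "$idx|name"),
    'creditnr' => sealField('0192733652342', $key, "$idx|creditnr"),
]];

// Lookup: recompute index and key from the e-mail, then decrypt and verify.
$row = $db[blindIndex($email, $masterKey)];
echo openField($row['name'], $key, "$idx|name"), "\n";
echo openField($row['creditnr'], $key, "$idx|creditnr"), "\n";
```

Unlike the index value in the searching step above, the stored HMAC here is not the cipher key, so a copy of the table alone does not allow decryption.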
