1

I am busy building an application that stores images of users in a filesystem,which can then be accessed by the database.

As the images should be confidential, is there a way to encrypt the filesystem and be able to link to the images from the database? I am using PHP, MySQL, Apache, Windows.

Thank you for your time!

Stefan
  • 301
  • 3
  • 14
  • Using base 64 encoding http://stackoverflow.com/questions/3967515/how-to-convert-image-to-base64-encoding – Luca Giardina Jan 25 '16 at 16:40
  • Hi, thank you for your reply. For my purposes base64 won't be practical, as I have very large image sets unfortunately. – Stefan Jan 25 '16 at 16:58
  • @LucaGiardina Base64 is not an encryption algorithm. It's for encoding binary data into a textual representation. – Artjom B. Jan 25 '16 at 17:06
  • There are some encrypted filesystems available like TrueCrypt or VeraCrypt. Are you sure you want an encrypted filesystem and encrypt/decrypt everything by hand in the application? Also, if you're talking about file systems, what does this have to do with MySQL? Are you trying to store the MySQL database in the encrypted filesystem or are you trying something completely different? – Artjom B. Jan 25 '16 at 17:09
  • Well @ArtjomB. You can decrypt it just because you know there is a base64 decode function. https://en.wikipedia.org/wiki/Encryption – Luca Giardina Jan 25 '16 at 17:10
  • @LucaGiardina Yes, if you change the Base64 alphabet to some custom alphabet, you're have effectively something like a substitution cipher, but who does that? If you want security, you use a modern cipher like AES with an authenticated mode like GCM and encode it with the default Base64 alphabet if you need a textual representation. – Artjom B. Jan 25 '16 at 17:14
  • @ArtjomB. I am planning to store the file reference in a MySQL database and the encrypted images in a filesystem. I was wondering at which point the encryption and decryption of the images would take place. – Stefan Jan 25 '16 at 18:56
  • This is opinion-based or rather it depends on other things like, if you're comfortable with your images being visible by other processes on your server. File systems are usually accessible by all processes and not just your web server which also connects to mysql. – Artjom B. Jan 25 '16 at 20:25

1 Answers1

1

This is not a MySQL problem. You should store file references in your MySQL tables and handle the file encryption yourself. IOW, your app should encrypt and decrypt the images at the application level and only these encrypted files should be moved around and stored. Only the app can then display the contents of an image file. No plain readable form of the image appears anywhere else.

john elemans
  • 2,578
  • 2
  • 15
  • 26
  • Thank you for your reply! This is exactly what I was looking for. Appreciate your feedback @john elemans! Now I know where and how to encrypt the images. Cheers! – Stefan Jan 25 '16 at 18:58