1

I have to store sensitive data on the server for a web application. The data has to be viewable in plain text later so I can't hash it.

My question is what would be the most secure way to apply the algorithm / where to store my key. I could store it locally on the server, or do you have any ideas for storing this data as securely as possible while still being able to decrypt it?

Niklas7
  • Is there a reason why the client can't do the encryption and the key stays with them? This means the data is secure no matter what attacks or leaks occur on the server. – Luke Joshua Park Nov 26 '19 at 22:04
  • Please see this: https://stackoverflow.com/questions/53478860/how-to-encrypt-and-decrypt-in-angular-6 – Reza Dehnavi Nov 28 '19 at 04:19

1 Answer

-2

We cannot decrypt a cipher text without a key. Hashing is an irreversible process. It won't work in your scenario. There are two types of cryptography techniques: Symmetric and Asymmetric.

Asymmetric cryptography is maintaining two keys for everyone: a public key and a private key. When you want to communicate with someone, you should encrypt the plain text using their public key and they will decrypt the same using their private key. When they want to communicate with you, they will encrypt the plain text using your public key and you can decrypt the same using your private key. So every party should hold two types of keys.

Symmetric cryptography is maintaining a single key for a communication. The single key will encrypt and decrypt the data. When two parties want to communicate, they should have a shared secret key (common key). When you want to communicate, you can encrypt the plain text using the key and they will convert the cipher back into plain text using the same key.

In your scenario, you can use symmetric cryptography techniques such as AES, DES, etc. You can maintain a separate key for every user. You can use that key for encryption and decryption. The keys can be stored in another database. Whenever you want to display the password in plain text, you can take the key for the user and decrypt it using the same cryptographic technique.

  • It seems @Niklas7 wants to store sensitive data in a secure way. Neither Asymmetric cryptography nor Symmetric Cryptography is a good solution for this issue. – Reza Dehnavi Nov 28 '19 at 04:18
  • Sensitive data can be stored in a secure way using either symmetric or asymmetric encryption, or hashing algorithms. Since the process has to be reversible, only symmetric or asymmetric techniques can be used here. The keys for all users can be stored in a secure way. – Abinesh B Nov 28 '19 at 06:15
  • This doesn’t solve the problem because now you’re having the same problem with storing the encryption key. – not2savvy Nov 28 '19 at 06:27
  • If it has to be reversible, you must need a key to convert back and forth. As far as I'm concerned, there are no other cryptographic algorithms in the world currently to convert back and forth without using keys. AES, DES, RSA and ECC use a key to encrypt/decrypt. – Abinesh B Nov 28 '19 at 12:58
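
The per-user symmetric key scheme from the answer, sketched as an added example (not code from the question, the answer or any commenter). It assumes Node.js with its built-in `crypto` module and AES-256-GCM, plus a hypothetical master key held outside both databases that wraps each user key, which is one way to handle the key-storage objection raised in the comments; `keyDb`, `dataDb`, `seal`, `open`, `storeSecret` and `readSecret` are illustrative names.

```javascript
// Added example: per-user AES-256-GCM, with user keys kept apart from the data.
const crypto = require('crypto');

// Assumption: in production the master key comes from a KMS/HSM or a secret
// injected at start-up, never from the databases below. Constructed here.
const MASTER_KEY = crypto.randomBytes(32);

const keyDb = new Map();   // stands in for the separate key database
const dataDb = new Map();  // stands in for the application database

function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);               // fresh nonce per message
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(aad));                      // binds the blob to its owner
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);  // iv | tag | ciphertext
}

function open(key, blob, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(Buffer.from(aad));
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the blob, the key or the AAD does not match.
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

function storeSecret(userId, text) {
  if (!keyDb.has(userId)) {
    // Per-user data key, stored only in wrapped (encrypted) form.
    keyDb.set(userId, seal(MASTER_KEY, crypto.randomBytes(32), 'key:' + userId));
  }
  const userKey = open(MASTER_KEY, keyDb.get(userId), 'key:' + userId);
  dataDb.set(userId, seal(userKey, Buffer.from(text, 'utf8'), 'data:' + userId));
}

function readSecret(userId) {
  const userKey = open(MASTER_KEY, keyDb.get(userId), 'key:' + userId);
  return open(userKey, dataDb.get(userId), 'data:' + userId).toString('utf8');
}
```

A copy of either database alone yields only ciphertext, so the protection rests on how the master key is held, which this sketch leaves to the deployment.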