0

I want to store sensitive user data in a database. This contains information like: account balance, e-mail for bank etc.

I am now storing the account balance as decimal, the e-mail as text and the first and lastname as varchar. I was wondering if I should hash or encrypt this information in order to make it more secure.

I searched, but couldn't find if it is needed. Does anyone know if I should hash or encrypt this information, or should I leave it as I have right now?

Hans Vis
  • 29
  • 1
  • 6
  • Well hashing only works one way - if you intend to read the data later, this is not what you want. Good encryption might make the data more secure, but that really depends on some more factors like how you secure the encryption key. Remember: for your application to encrypt/decrypt data, you need the key in memory. Really depends on the attack vectors you identified. – Kaii Aug 29 '20 at 10:45
  • Is the database on the same server as the application? Who has administrative access to application server? Who has access to DB? If the DB is on another server administrered by different people, then encrypting the data sent to DB server might serve a purpose. Otherwise not really, because it makes no difference. Decryption is just another step when retrieving data if you have access to code+key. – Kaii Aug 29 '20 at 10:49
  • Also consider performance impact. You want to use the data types offered by SQL and you want to use proper indexing. This will be complicated with encrypted data. (I.e. each `name LIKE 'sam%'` will not easily work) – Kaii Aug 29 '20 at 10:51
  • Okay, thanks. The database and website are on the same server, I am the only one with access to the database. So I am just going to leave it as I have right now. Thanks! – Hans Vis Aug 29 '20 at 11:00
  • The fact that the webserver and the database server are on the same computer does not mean you should not encrypt data. However, pls do not try to implement encryption on your own, it is very easy to get it wrong and give yourself a false sense of security! Use established products for this purpose instead. Yeah, most of these are not free. – Shadow Aug 29 '20 at 11:48
  • @shadow you are partially right, it does not automatically mean you shouldn't. But as long as the key is not held separately from the data and especially secured, encryption has no value at all. Even if implemented correctly it gives a false sense of security. It's really not easy to get this right. That's why I asked that question. – Kaii Aug 29 '20 at 14:39
  • @Kaii if the encryption keys are not managed properly, then the encryption is not implemented correctly. – Shadow Aug 29 '20 at 15:04
  • @Shadow it seems you don't see the underlying hen egg problem in this. The only way for a "correct implementation" is to seperate the application code (and the crypto key) from the data storage. If both is on the same server, encryption has no value at all. – Kaii Aug 30 '20 at 14:52

0 Answers0