
I would like to encrypt some of my application data stored on a MySQL DB using AES-128. I wonder thus what is the best way to store my key on the webserver.

Should I encrypt the key itself or store it raw? Should I store it in a file, a BLOB or as a record in some table? Should the key be stored on a server other than the one the web application lives in, in case the server gets compromised? Is it okay to transmit an encryption/decryption key over HTTP/SSL from one place to the other? If yes, would it not jeopardize the performance of my web application?

schroeder
  • see https://security.stackexchange.com/questions/12332/where-to-store-a-server-side-encryption-key – mti2935 Apr 03 '21 at 13:13

1 Answer


I will not give a direct answer here, because it can depend on the context.

First, if the application must run in an unattended way, for example automatically restart if the server reboots, there will be no truly secure way to store the primary key. So you have 3 options here:

  • most secure: require a human action to enter a password when the application is started. You can securely store the main key in an encrypted container, but you need a password owner each time the application is restarted.

  • standard: store the key in an unencrypted container in a file accessible only to the application or to the administrators

  • median: use obfuscation. The main key is mangled before being stored and will be demangled by the application before use. Any bijective operation can be used for mangling.

The fact is that obfuscation is not security, because if an attacker manages to find the key, they will probably be able to find the mangling in the application source or code. But it can give you some more time to detect the attack. You must just be aware that it does not add any security by itself, and because of that it is seldom (if ever) used in large datacenters.

Serge Ballesta