One of the things that has always bothered me about simple database data encryption: If the server is compromised, the database is effectively compromised. The attacker can use the same code as the app to query out the data as desired. A simple review of the app code will show where/how the key is stored and what the database connection parameters are.
Of course, encrypting the data can be helpful when storing off-server backups, etc., but for this purpose the backup files could be encrypted entirely, instead of fields, saving some headaches with queries, etc.
Generally, making sure the server is secure is the best practice. But, what if the data must be protected from everyone, sys-admins included (much like the way we treat user passwords, through hashing)?
Ultimately, I'm wondering, how can an encryption key be protected, so that it is not accessible by anyone without the secret, even the application code. The only approach I can think of is the key must be provided by the user at run-time (it isn't persisted on the host machine, period).
I imagine the first issue is that if a user has access to the server, there is probably a way that the secret could be sniffed at the point of entry, or if the key is stored in memory by the app (e.g. in a session variable) this could probably be exploited as well.
What are the other (likely glaring) problems with this approach? Is this just reinventing the wheel? If so, what is the best practice when data security is critical, even from super-user roles?
This question may be somewhat similar to: How to login and encrypt data with the same password/key, except that I'm asking if the concept is even a good one, not how to implement.