“零知识"指的是“零知识".mysql数据库加密 [英] "zero knowledge" encryption for mysql database
问题描述
我一直在研究Web应用程序数据库层的加密.它使用的是MySQL 5.1(或更高版本,我不记得了).
I have been looking at encryption for the database layer of my web application. It is using MySQL 5.1 (or higher, I can't remember offhand).
由我的组织管理的应用程序为公共客户存储数据.
The application, managed by my organisation, stores data for public clients.
最简单的选择是AES_ENCRYPT/AES_DECRYPT,如果一个坏家伙以某种方式访问了我的数据库(假设他们不知道密钥),这将很有帮助.
The easiest choice is AES_ENCRYPT/AES_DECRYPT which would help if a baddie somehow gained accessed to my database (assuming they didn't know the key).
但是,我想更进一步,阻止组织中的任何人查看未加密形式为客户端存储的任何数据.
However I want to take this a step further and prevent anyone in my organisation from being able to view any data stored for clients in its unencrypted form.
我们使用此前提来存储密码;我们在应用程序级别对原始密码进行加密,然后将其与在数据库级别与预加密的密码进行比较.这显然是一种非常普遍的方法,但是我们从用户那里得到了输入-与我尝试做的事情的关键区别在于,我们无法存储未加密的密钥",并且使用用户密码是有问题的,因为(除了另一个原因)如果他们更改了它,则所有加密的数据都必须被更改.
We use this premise for storing passwords; we encrypt the raw password at application level and compare it to a pre-encrypted pwd at db level. This is obviously a very common method, but we have that input from the user - the crucial difference with what I am trying to do is that we can't store an unencrypted 'key' and using the user's password is problematic because (aside from another heap of reasons) if they change it, all the encrypted data would have to be changed.
我无法理解这个想法(您可能会猜到我不是密码学专家),但是他期望Google提出一些建议.不幸的是我找不到太多.对于任何从哪里开始研究的建议,我将不胜感激.
I can't get my head around this idea (you will probably have guessed I am not an expert in cryptography) but was expecting Google to throw up a few pointers. Unfortunately there isn't much I could find. I would be grateful for any pointers on where to start researching.
推荐答案
与我要执行的操作的关键区别在于,我们无法存储未加密的密钥",并且使用用户密码是有问题的,因为(除了其他原因)如果用户更改了密码,则所有加密数据将不得不更改
the crucial difference with what I am trying to do is that we can't store an unencrypted 'key' and using the user's password is problematic because (aside from another heap of reasons) if they change it, all the encrypted data would have to be changed
这两个想法可以带您到达大部分地方:
Those two ideas take you most of the way there:
- 使用密钥来加密数据(您想要的方式)
- 与其使用普通密码存储密钥,不如使用用户密码来加密密钥
- 在用户登录时,您将密码与单向密码本身进行比较(以通常的方式哈希/加盐)
- 匹配时,您使用密码解密数据加密密钥
- 然后您使用此密钥访问加密的数据
当用户更改密码时,密钥将使用旧密码解密,并使用新密码重新加密.花费很少的精力,无需重新加密整个数据集.
When a user changes their password, the key gets decrypted with the old password and re-encrypted with the new password. Minimal effort, no re-encrypting the entire dataset.
在我撰写本文时,这似乎是显而易见的/琐碎的.我不是加密专家,我也需要回答这个问题,所以请在评论中戳一下我的想法.
As I write this out, it seems obvious/trivial. I'm no crypto expert, and I need an answer to this question as well, so please poke holes in my idea in the comments.
这篇关于“零知识"指的是“零知识".mysql数据库加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
