What is the best way to store the encryption key?

S

s2sk13372017-08-31 00:20:55

Encryption

s2sk1337, 2017-08-31 00:20:55

Hello. I am writing a website with database encryption, but what is the use of this encryption if the key is stored on the same hosting and the hoster has access to it? Even if I buy two different hostings for the database and a php script, then what's the point if the second hoster can simply take the key, data from the database and decrypt everything in one cycle? I do not want to substitute the client if something like this happens. He has not grown up to his DC yet. How would it be more correct to store the encryption key then?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

0

0xC0CAC01A, 2017-08-31
@0xC0CAC01A

I have bad news for you - strictly speaking, nothing, if without additional hardware. And then - what will the encrypted database give you if it will ever need to be decrypted for the site to work?

L

Labunsky, 2017-08-31
@Labunsky

If you really want to, make a separate server with an encryption key that provides an appropriate network interface for encrypting / decrypting information.
Then, for encryption / decryption, you will have to drive information through it without using the encryption key explicitly and without having access to it. Based on the wording of the question, this should be enough.