NYCPHP Meetup

NYPHP.org

[nycphp-talk] Encrypt and decrypt to store in DB

Mitch Pirtle mitch.pirtle at gmail.com
Fri Aug 4 12:18:16 EDT 2006


I'd like to back this question up to the very beginning, and ask a
more fundamental question that's been nagging at me for several
days...

So a client comes up to you with an intent to require encrypted data
in the database. This of course requires two-way encryption, which
unfortunately means you gotta store the keys on the webserver to
decrypt the data.

So what additional security does this actually accomplish, and is
there a better approach?

-- Mitch



More information about the talk mailing list