Michael L Torrie torriem at chem.byu.edu
Wed Mar 23 12:12:48 MST 2005

On Wed, 2005-03-23 at 12:11 -0700, Eric Jensen wrote:
> Working on some encryption schemes and running into a few humps.  We
> have a great GnuPG scheme for encrypting all of our backup files. 
> Really digging the public and private key scheme.  But now we are
> wanting to encrypt specific fields in our database.  Reading MySQL docs
> and they have some good encryption schemes but it is all symmetric.  We
> would like the data to be encrypted with a public key and then during a
> special process of our choosing we decrypt with the passphrase protected
> secret key that isn't even stored on the server.  This way if there was
> every a compromise on the server itself the worst they can do is use our
> public key to encrypt more of our data.  I tried using GnuPG to encrypt
> strings, but MySQL sure doesn't like you passing it encrypted strings
> with all those crazy characters.  Anybody have any ideas?

Just escape the strings before you insert them.  MySQL will take them
just fine.  In PHP there's a function to do this.


> Eric Jensen
> .===================================.
> | This has been a P.L.U.G. mailing. |
> |      Don't Fear the Penguin.      |
> |  IRC: #utah at irc.freenode.net   |
> `==================================='

More information about the PLUG mailing list