PHP app with sensitive data - encrypt/decrypt


I'm in a project where we need to build an app to store sensitive information in a MySQL db. I want to have a key reused in the app because we need to encrypt input data and decrypt it later to show the information.

I'm studying libsodium, but I have a question... They recommend not reusing the key and nonce; if we follow this, we won't be able to decrypt later!

Can someone instruct me how to deal with this?

We will build a method to erase / change key on a possible breach!

This is really a broad question. It really depends on what info you are saving and how sensitive it is. This link describes encryption types and usage.

https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html

One example is using AES_ENCRYPT and AES_DECRYPT.

Here is a quick example of the AES_ENCRYPT and AES_DECRYPT MySQL functions.

  1. Set your database table to a binary type; I use BLOB.

  2. Second, create a key to work with.

  3. Insert into db encrypted.

  4. Select decrypted data from the database.

This will generate a random string.

// This is a function to create a random string, used here as the AES key.
function randomString($length) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $string = '';
    for ($p = 0; $p < $length; $p++) {
        // random_int() is a CSPRNG; mt_rand() is not suitable for key material
        $string .= $characters[random_int(0, strlen($characters) - 1)];
    }
    return $string;
}
$ourKey = randomString(16); // get our string in a variable ($ourKey).

Use the AES_ENCRYPT MySQL function on your Insert.

// $firstName holds the value to store; both the value and the key are quoted as string literals.
$ourInsert = "INSERT INTO MY_TABLE (FIRST_NAME, OUR_KEY) VALUES (AES_ENCRYPT('".$firstName."', '".$ourKey."'), '".$ourKey."')";

Use the AES_DECRYPT MySQL function to decrypt it.

$ourSelect = "SELECT AES_DECRYPT(FIRST_NAME, OUR_KEY) AS FIRST_NAME FROM MY_TABLE";

For passwords and more sensitive data use PHP's password_hash() function. Your db table needs to be at least 75 CHARS for this. Here is a link that explains in more detail.

http://www.php.net/manual/en/function.password-hash.php

Note that you cannot decrypt password_hash, only match against other data.

Example of how to use password_hash to hash the password and insert it into the db.

// $usersPassword is the plaintext password submitted by the user.
$hashedPassWord = password_hash($usersPassword, PASSWORD_BCRYPT, array("cost" => 17));
$insertPass = "INSERT INTO MY_TABLE (PASSWORD) VALUES ('".$hashedPassWord."')";

and to check against the hashed password, select the password from the db and use password_verify to match it against the hashed password.

// $usersInput is the submitted password, $dbPasswordHash the hash read from the db.
if (password_verify($usersInput, $dbPasswordHash)) { /* do something */ }

Note this just covers the very basics. There are other things you need to do, like using prepared statements with PHP and escaping strings. I just touched a bit on encryption to get you started.
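The question asks how a libsodium key can be reused without reusing the nonce, and the answer's steps store a binary value in a BLOB column and point to prepared statements. The following is an added example (not code from the question or the answer) of the usual pattern: one long-lived key kept outside the database is reused, a fresh random nonce is generated for every row and stored in front of the ciphertext, so the row can be decrypted later; it assumes PHP 7.2+ with the sodium extension, and MY_TABLE / SECRET_DATA are hypothetical names.

```php
<?php
// Added example, not from the original post. Assumes PHP >= 7.2 with ext/sodium.
// MY_TABLE and SECRET_DATA are hypothetical names.

// One long-lived key, generated once and kept outside the database
// (environment variable or secrets store), never in a column of MY_TABLE.
function loadKey(): string {
    return sodium_crypto_secretbox_keygen(); // 32 random bytes; persist this and reuse it
}

// Encrypt: the KEY is reused, the NONCE is fresh per message and stored with the ciphertext.
function sealForStorage(string $key, string $plaintext): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); // 24 bytes, new for every call
    $ciphertext = sodium_crypto_secretbox($plaintext, $nonce, $key);
    return $nonce . $ciphertext;                  // the nonce is not secret, so prefix it to the blob
}

// Decrypt later: split the stored blob back into nonce and ciphertext.
function openFromStorage(string $key, string $blob): string {
    $minLen = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if (strlen($blob) < $minLen) {
        throw new RuntimeException('stored value too short to be a secretbox blob');
    }
    $nonce = substr($blob, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $ciphertext = substr($blob, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plaintext = sodium_crypto_secretbox_open($ciphertext, $nonce, $key);
    if ($plaintext === false) {                   // wrong key or tampered row: the MAC check fails
        throw new RuntimeException('decryption failed');
    }
    return $plaintext;
}

// Storage: the binary blob goes into a BLOB column through a prepared statement.
function storeRecord(PDO $pdo, string $blob): void {
    $stmt = $pdo->prepare('INSERT INTO MY_TABLE (SECRET_DATA) VALUES (?)');
    $stmt->bindValue(1, $blob, PDO::PARAM_LOB);
    $stmt->execute();
}

// Demo without a database: in-memory values stand in for the BLOB column.
$key  = loadKey();
$row  = sealForStorage($key, 'Alice');            // constructed sample input
$row2 = sealForStorage($key, 'Alice');            // same plaintext, same key, different nonce
if ($row === $row2) {
    throw new RuntimeException('nonce was reused'); // must never happen with random_bytes()
}
echo openFromStorage($key, $row), PHP_EOL;
sodium_memzero($key);
```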