First off, my understanding of encrypting and hashing:
- Encrypting – can be decrypted
- Hashing – can NOT be unhashed
When building a web application, I should:
- Encrypt the email address (will be used to log in) with an encryption key. It’s nice to be able to decrypt email addresses for later use (e.g. emailing users)
- Hash the password with a salt. No one should be able to see a user’s password, so hashing (since it is one-way) is good.
If the above 2 points are right, where should I store the encryption key and salt?
If I store it in the DB, this seems a bit pointless should the DB ever be compromised. The benefit, though, is that I can assign a unique encryption key and salt for each user.
Should I store the encryption key and salt in my application’s configuration? If the DB is ever compromised, at least the encryption key and salt are not also compromised (hopefully). The problem with this is that it probably means that everyone shares the same encryption key and salt.
Suggestions on what to do?
If you encrypt the email at all, you need to do it with a common salt/key. Otherwise, how are you going to select a user by his email address from the db to check whether the hashed password is correct? You can’t decrypt every email address every time.
Overall, I think there’s very little to be gained from encrypting email addresses. Use MySQL database encryption if you want, but don’t worry about this at the application level.
The salt for hashing the password should/needs to be unique and can be stored in the database; in fact, it can be part of the hash itself. See http://www.openwall.com/phpass/ for a good implementation.