I need to encrypt a column in MySQL and I am using AES_ENCRYPT. I want to figure out a safe way to use this data column in a WHERE clause. My question is this –
1) Can I AES_ENCRYPT the WHERE clause argument with the same pass-phrase and use the generated encrypted string in the WHERE clause? Or do I have to run decryption on the whole column?
For example, will this be safe?
SELECT * from TABLE WHERE Enc_COL= AES_ENCRYPT('someColValue','same_passphrase');
or does it have to be
SELECT * from TABLE WHERE AES_DECRYPT(Enc_COL,'same_passphrase')= 'someColValue';
I believe the second one will be much slower, so I want to know if the first example is possible.
Using
should be fine. Just make sure there is an index for Enc_Col so you don’t have to scan the entire table for results. As long as you use the same input and key you will get the same output.
Just a side note: don’t use the same key for more than one column (make sure to use some sort of IV or cryptographic nonce that’s unique to each column you encrypt). If you encrypt all of the rows with the same key and your database is compromised, it makes it much more likely that someone can find the key.
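
The two query shapes from the question, side by side on an indexed ciphertext column, as an added example that is not part of the original question or answer. The `customers` table, its columns, the sample rows and the `@passphrase` variable are constructed for illustration; it assumes a MySQL version that has the `block_encryption_mode` variable.

```sql
-- Constructed schema: table and column names are hypothetical.
CREATE TABLE customers (
    id      INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
    name    VARCHAR(100) NOT NULL,
    -- AES_ENCRYPT returns a binary string, so store it in VARBINARY
    -- (a VARCHAR column can corrupt it through charset conversion).
    -- Ciphertext length is 16 * (floor(plaintext_length / 16) + 1) bytes.
    enc_ssn VARBINARY(32) NOT NULL,
    INDEX idx_enc_ssn (enc_ssn)
);

-- The equality lookup relies on deterministic output. MySQL's default mode,
-- aes-128-ecb, takes no IV, so the same input and key give the same bytes.
SET SESSION block_encryption_mode = 'aes-128-ecb';
SET @passphrase = 'same_passphrase';  -- placeholder, supplied by the application

-- Constructed sample rows.
INSERT INTO customers (name, enc_ssn) VALUES
    ('Alice', AES_ENCRYPT('123-45-6789', @passphrase)),
    ('Bob',   AES_ENCRYPT('987-65-4321', @passphrase));

-- First form: the argument is encrypted once and compared to the stored
-- ciphertext, so idx_enc_ssn can be used.
SELECT id, name, CAST(AES_DECRYPT(enc_ssn, @passphrase) AS CHAR) AS ssn
FROM customers
WHERE enc_ssn = AES_ENCRYPT('123-45-6789', @passphrase);

-- Second form: the function wraps the column, so every row is decrypted
-- and the index on enc_ssn cannot be used.
SELECT id, name
FROM customers
WHERE AES_DECRYPT(enc_ssn, @passphrase) = '123-45-6789';

-- Compare the access plans of the two forms.
EXPLAIN SELECT id FROM customers
WHERE enc_ssn = AES_ENCRYPT('123-45-6789', @passphrase);
EXPLAIN SELECT id FROM customers
WHERE AES_DECRYPT(enc_ssn, @passphrase) = '123-45-6789';

-- Check before relying on the first form: in an IV-based mode with a fresh
-- random IV per call, two encryptions of the same value differ, so a
-- ciphertext equality lookup stops matching stored rows.
SET SESSION block_encryption_mode = 'aes-256-cbc';
SELECT AES_ENCRYPT('123-45-6789', @passphrase, RANDOM_BYTES(16))
     = AES_ENCRYPT('123-45-6789', @passphrase, RANDOM_BYTES(16)) AS same_ciphertext;
```

The same determinism that makes the indexed lookup work also means rows holding equal plaintext values store equal ciphertext, which is visible to anyone who can read the column.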