Home/ Questions/Q 3612400
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-18T21:59:39+00:00

I’m looking to store some fairly sensitive data using PHP and MySQL and will

  • 0

I’m looking to store some fairly sensitive data using PHP and MySQL and will be using some form of reversible encryption to do so since I need to get the data back out in plain text for it to be of any use.

I’ll be deriving the encryption key from the users’ username/password combination but I’m stumped for what to do in the (inevitable) event of a password being forgotten. I realise that the purpose of encryption is that it can only be undone using the correct key but this must have been addressed before..

I’m trying to get my head around whether or not public key cryptography would apply to the problem but all I can think of is that the private key will still need to be correct to decrypt the data..

Any ideas?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’m looking to store some fairly
    sensitive data using PHP and MySQL and
    will be using some form of reversible
    encryption to do so since I need to
    get the data back out in plain text
    for it to be of any use.

    Protecting sensitive data is good. Now:

    • Whose data is it? (yours, your user’s, or a third party?)
    • What does it need to be protected from? (disclosure, corruption (accidental or intentional…)
    • Who does it need to be protected from
      • Uninvolved parties goes without saying.
      • Do you need / want to avoid accessing the plaintext data yourself (useful for deniability),
      • Do you need to protect either your user’s data from being visible to a third party,
      • Or a third party’s data from the user,
      • Or your data from the user or a third party?
    • What are likely attacks?
      • Do you need to protect in the case where the server is completely compromised?
      • Do you need to protect against an application level attack where the user simply gains access to some but not all available data (e.g. access to the SQL database, but not the filesystem)?
      • Will the amount of data be small enough that the attacker can guess and simply check whether he/she got it right? (short passwords, numbers, simple words, fixed form text are likely candidates)
      • Will the attacker have known plaintext with which to attack?
    • Is it better for the data to go away (or to re-retrieve the data) if the user forgets their password, or is it worth an increased risk of exposing the data to avoid that cost?

    There are probably other questions, but this is the type of thing you want to think about when using encryption. The answers will help you figure out what you need vs. what you want, and will probably help point in the right direction. You might not want to share all of the answers with us.

    I’ll be deriving the encryption key
    from the users’ username/password
    combination but I’m stumped for what
    to do in the (inevitable) event of a
    password being forgotten. I realise
    that the purpose of encryption is that
    it can only be undone using the
    correct key but this must have been
    addressed before..

    You might have decided on a solution without considering the impact. That doesn’t mean the solution is wrong, but this question suggests you should think about what you are willing to risk for security. Sometimes data will be risked.

    I’m trying to get my head around
    whether or not public key cryptography
    would apply to the problem but all I
    can think of is that the private key
    will still need to be correct to
    decrypt the data..

    This too sounds like a solution in search of a problem. Public key cryptography is useful when you have two (or more) separate actors with an interest in communicating data between them. Those actors can be real (people) or functional (components of a system), but without two actors, there is no reason to have a separate public and private key.

    • 0