I’m writing a php application that accepts sensitive customer data, and so I need to encrypt it before storing it in a mysql database. I’m going to use mysql’s built-in AES functionality to do column-level encryption.
I want to avoid storing the encryption key on the server, and so i’m going to provide a web-page for an administrator to log-in, and enter the encryption key. I want to store this key in memory while the application is running, but never permanently to disk.
What is the best way to do this?
Can I modify the $_SERVER array to store information between requests? Can I store the key with apache in some way? Maybe shared memory?
I ended up storing the encryption key in an in-memory table. All access to the database is done through a set of stored procedures; The stored procedures include the ability to do key management (i.e. insert key to memory-table, change keys, check if a key has been entered etc.), as well as store/retrieve application data.
With this design, the database credentials left on the application server only have the authorization to query through the set of defined procedures, and have no way to read the encryption key directly.
I liked this approach because: