Hi, I want to encrypt fields in the database for some of my models using MySQL''s AES_ENCRYPT or a similar strength function, but I''m not sure how to do this. I need to be able to display the information later, so simply encrypting using a one-way hash with Ruby is out. Has anyone had any experience doing this? Tips, tricks? Thanks! -- Ryan Doherty ryan.doherty-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
http://sentry.rubyforge.org -- -- Tom Mornini On Oct 22, 2005, at 2:22 PM, Ryan Doherty wrote:> Hi, I want to encrypt fields in the database for some of my models > using MySQL''s AES_ENCRYPT or a similar strength function, but I''m not > sure how to do this. I need to be able to display the information > later, so simply encrypting using a one-way hash with Ruby is out. Has > anyone had any experience doing this? Tips, tricks? Thanks! > > -- > Ryan Doherty > ryan.doherty-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
Julian ''Julik'' Tarkhanov
2005-Oct-22 22:35 UTC
Re: Encrypting/Decrypting fields in database?
On 22-okt-2005, at 23:54, Tom Mornini wrote:> http://sentry.rubyforge.org > On Oct 22, 2005, at 2:22 PM, Ryan Doherty wrote: > > >> Hi, I want to encrypt fields in the database for some of my models >> using MySQL''s AES_ENCRYPT or a similar strength function, but I''m not >> sure how to do this. I need to be able to display the information >> later, so simply encrypting using a one-way hash with Ruby is out. >> Has >> anyone had any experience doing this? Tips, tricks? Thanks!You can also implement your own accessors to the field data that will encrypt and decrypt the field when hit. Your other option (if you really want to do it on the DB level of things) will be to use a _normal_ database with triggers. -- Julian "Julik" Tarkhanov
On 10/22/05, Julian ''Julik'' Tarkhanov <listbox-RY+snkucC20@public.gmane.org> wrote:> Your other option (if you really want to do it on the DB level of > things) will be to use a _normal_ database with triggers.Wouldn''t that fairly well defeat the purpose of encrypting the data in the database (if the trigger encrypted/decrypted the data)? -- Regards, John Wilger ----------- Alice came to a fork in the road. "Which road do I take?" she asked. "Where do you want to go?" responded the Cheshire cat. "I don''t know," Alice answered. "Then," said the cat, "it doesn''t matter." - Lewis Carrol, Alice in Wonderland