Encrypting a message with HSM Thales - hsm

There is a task to encrypt a message with a key stored in the HSM (the LMK, I suppose) in order to save the encrypted message in a database, and to decrypt it later as well.
The commands I found are M0/M2. As far as I could see, both commands require my own key in addition.
I may generate my own keys somehow (with the HSM or in another way), but how will the message finally be encrypted? With both my key and the LMK key? Some other way? And should I also store my own key somewhere?
Is there a more direct way to encrypt a message with an internal HSM key?
Thanks in advance, I am very new to the Thales HSM.

Commands M0 and M2 on a Thales 9000 Payshield are Encrypt Data Block and Decrypt Data Block respectively.
To use these commands, you have to provide a key in the M0 command which will be used to encrypt the data.
The key you use must itself be encrypted under an LMK keypair, which is stored in the HSM and should not be accessible to you (except in a test environment where you will normally know the values of all the test LMK keypairs).
To get that data encryption key, generate a ZEK, using command A0. The A1 response to this will give you the key. The key you receive is encrypted under an LMK keypair.
You can then use this key in an M0/M2 command to encrypt a given block of data.
You will need to store the key you receive in the A1 command (it's likely just 16 or 32 hex chars) as it is not stored in the HSM.
Encryption/decryption of any of this data will always have to be performed via the HSM, because only the HSM has access to the LMK keypair required to decrypt your key and make it usable.
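
The key-handling model described in this answer, as an added example that is not part of the original answer and is not payShield code. `MockHsm`, `seal` and `open` are hypothetical names, AES-256-GCM stands in for the HSM's own key-wrapping scheme, and no real host-command message format is shown.

```javascript
// Software model of the LMK-wrapped-key pattern (illustration only).
const { randomBytes, createCipheriv, createDecipheriv } = require('crypto');

// AES-256-GCM helpers; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}
function open(key, blob) {
  const d = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the blob was modified
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

class MockHsm {
  #lmk = randomBytes(32); // stands in for the LMK; never leaves this object

  // Role of A0/A1: create a data key, return it only encrypted under the LMK.
  generateKey() {
    return seal(this.#lmk, randomBytes(32)).toString('hex');
  }
  // Role of M0: unwrap the caller's key inside the HSM, then encrypt the data.
  encrypt(wrappedKeyHex, data) {
    const key = open(this.#lmk, Buffer.from(wrappedKeyHex, 'hex'));
    return seal(key, Buffer.from(data, 'utf8')).toString('hex');
  }
  // Role of M2: same unwrap step, then decrypt.
  decrypt(wrappedKeyHex, cipherHex) {
    const key = open(this.#lmk, Buffer.from(wrappedKeyHex, 'hex'));
    return open(key, Buffer.from(cipherHex, 'hex')).toString('utf8');
  }
}

// Application side: the database row holds the wrapped key and the
// ciphertext, never a clear key. The message is a constructed sample.
function demo() {
  const hsm = new MockHsm();
  const row = { wrappedKey: hsm.generateKey() };
  row.ciphertext = hsm.encrypt(row.wrappedKey, 'constructed sample message');
  const roundTrip = hsm.decrypt(row.wrappedKey, row.ciphertext);
  let otherHsmFailed = false; // a device with a different LMK cannot use the row
  try { new MockHsm().decrypt(row.wrappedKey, row.ciphertext); }
  catch (e) { otherHsmFailed = true; }
  return { row, roundTrip, otherHsmFailed };
}
```

The stored row is useless without the device that holds the matching LMK, which is why the wrapped key can sit in the same database as the ciphertext.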

Related

Mysql is null password has been encrypted

mysql has been encrypted
How do you decode it again?
I do not know the key value
And it was all returned as null.
If it is encrypted you can not obtain the data without the encryption key, that is the whole point of encryption.

Encrypting with one hash and storing another

I want to implement a system whereby encrypted data can be stored alongside everything you need to decrypt it except a human-memorable password. The system I have in mind is that the encrypted data would be stored with the key that was used to encrypt that data, only that key would have been encrypted again using the hash of the user's password. There would then be another hash of the password also stored in the same place, but this hash would have used a different hash function.
The decryption process would be:
user enters password
the password is hashed using hash function A and that hash is checked against the stored hash to ensure it was correct
if the password was correct, you rehash the given password with hash function B to get Key 1
Key 1 can then be used to decrypt Key 2 which was used to encrypt a block of data
This way you could store unlimited encrypted data, all encrypted using different randomly generated AES keys that are all encrypted by the hash of the password (Key 1). Ideally you could give this block of data to anyone and they couldn't decrypt it without the password. You could also send the password hash and a single block of encrypted data over a network and the end user can decrypt it on their end assuming they know the password.
I know the standard response to these things is don't roll your own, but I would like to know out of interest what the security concerns are for this system. Primarily: could it work, and what pair of hash functions should be used and why? I am also interested in what the standard way to achieve this would be.

mysql encryption key storage on file

I have a MySQL server on a Linux server. I am using AES encryption functions to store data in the DB server. Commands are like these:
INSERT into userc (name, town) VALUES ('john',AES_ENCRYPT('nebraska', 'usa2010'));
SELECT CAST(AES_DECRYPT(town, 'usa2010') AS CHAR(50)) town_decrypt from userc;
My concern on this kind of encryption is that everything needed to access my data is travelling in clear, so a sniffer or a Debug level log are capable of capturing everything.
Is there a way of not sending the key in the command, but having it stored on a file (/home/user/key.txt) and so calling the encryption in a way similar to this:
INSERT into userc (name, town) VALUES ('john',AES_ENCRYPT('nebraska', key1));
Where key1 is the reference to the file where the key is stored?
Looks like this was more of a DB question, so I posted it there and got a solution. The proposal, now being tested, is to create a user-defined function (UDF) in C and load it in MySQL. This, being coded in C, can perform any action I need: reading a file and getting the key from it, based on a parameter it got.
Of course this file has to be protected in some way so it is not exposed.

Database encryption where key can be provided in connection string

I have certain information being stored in a MySQL database that warrants being stored in an encrypted form. However, my .NET application can't absorb the performance hit of doing the encryption and decryption at the application layer.
Is there any MySQL function that allows an encryption key to be specified in the connection string and then have the MySQL database do the encryption operations?
Do you mean AES_ENCRYPT and AES_DECRYPT?
You can pass the key when you run the query.
You can see an example.
EDIT:
Another option is to use DES_ENCRYPT() and DES_DECRYPT().
The key file can be specified with the --des-key-file server option.

SQL Encryption - Asymmetric Key - 2nd Server

I created an asymmetric key on one of my SQL servers (2008). I encrypted a password field and I am able to retrieve that password just fine on my development server.
The issue comes into play where I need to move this data to a production server.
Here is the code for the key that was created:
CREATE MASTER KEY ENCRYPTION BY PASSWORD='#########'
CREATE ASYMMETRIC KEY UserEncryptionKey
WITH ALGORITHM = RSA_2048
Now, when I run this on the production server, it creates the key just fine. However, when I run my sproc to get the password, it returns NULL.
SQL:
SELECT EncryptByAsymKey(AsymKey_ID('UserEncryptionKey'), Password )
FROM Users WHERE UserName = '######'
Any thoughts on what I need to do to get the encrypted field to work on multiple SQL Servers?
Please let me know if I need to clarify something.
Thanks
Do not move encrypted data from one database to another. Technically it is possible, true, but you will likely compromise the key in the process, so I would rather not tell you how to do it.
When data is exchanged between sites, the usual procedure separates the key management and deployment from data transfer. Data is decrypted before transfer, and dedicated encryption schemes for data transfer are used, like TLS and SSL, that eliminate the problem of deploying and sharing the actual encryption keys.
As a side note, normally one does not encrypt data with asymmetric keys. They are way too slow for data operations. What everybody does is encrypt data with a symmetric key and then encrypt the symmetric key with an asymmetric key.