I have certain information being stored in a MySQL database that warrants being stored in an encrypted form. However my .Net application can't absorb the perfomance hit of doing the encryption and decryption at the application layer.
Is there any MySQL function that allows an ecryption key to be specified in the connection string and then have the MySQL database do the encrption operations?
do you mean
AES_ENCRYPT
and
AES_DECRYPT
you can pass the key when you run the query
you can see an example
EDIT:
another option to use
DES_ENCRYPT() and DES_DECRYPT()
The key file can be specified with the --des-key-file server option
Related
I have migrated my existing SQL server database to MySQL server database using MySQL workbench Migration Wizard. Because these are two different database servers, I want to ensure there is no data loss along with stored procedures, triggers, and views, I mean everything is intact. I tried using the MySQL workbench Compare Schema wizard but that only works for two MySQL databases. Please suggest a way to achieve it.
First you should compare database schemas between SQL Server and MySQL to see if there is difference.
I don't think that field are missing, but perharps it needs data type adjustments, index adjestments, etc.
Second, once you fix database schema, you should verify imported datas, including:
total row number for each tables
Row contents
For both, the best is to write a verification script (PHP, node.js, python, etc.) that will list all tables of SQL Server, and for each table check row number, identity counter and then datas itself.
For moving or copying the MS SQL database table's schema into MySQL, you must map data types, find NULL constraint, and determine the field that is set as a PRIMARY KEY.
This procedure does not support conversion of indexes, foreign keys, identity columns, unique or other table constraints, and character set.
MySQL supports all the important MS SQL data types. However, there are some SQL server data types that do not match with MySQL data types. Some of the major data types you’ll need to map MySQL with are as follows:
SQL Server
MySQL
VARCHAR(max)
LONGTEXT
SQL_VARIANT
BLOB
IDENTITY
AUTO_INCREMENT
AUTO_INCREMENT
TEXT CHARACTER SET UTF8
SMALLDATETIME
DATETIME
DATETIMEOFFSET
TIMESTAMP
MONEY
DECIMAL(19,4)
UNIQUEIDENTIFIER
BINARY(16)
SYSNAME
CHAR(256)
Organizations may develop the need to migrate from MS SQL server to MySQL because of its rich feature-set, cross-platform and open source availability, and lower cost.
While migration from one database to another can be performed manually, it can be an extremely time-consuming and error-prone process.
A better alternative is to use specialized database converter software like Stellar Converter for Database, which is specially designed to help DBAs and developers automate the process of converting a database file format to another. The software converts table records and attributes from MS SQL to MySQL database quickly, while preserving database integrity.
I will take example of my case . I am using PostgreSql .I have gone through postgresql crypt() function documentation .
This function is provided as extension for postgresql .
If i migrate my data to another database by different vendor , Will the passwords still be evaluated properly or not ?.
If i try to compare the the hash generated in postgresql with hashing utilites provided by mysql/mongodb using same source string will it evaluate to be equal or not
According to docs, crypt()
Calculates a crypt(3)-style hash of password. When storing a new
password, you need to use gen_salt() to generate a new salt value. To
check a password, pass the stored hash value as salt, and test whether
the result matches the stored value.
It means if you migrate your data to another database (if stored hash value is part of your data of course), the result of comparison will not depend on the system.
Can you move up the encryption/decryption to the application level? In that case, you can migrate data as encrypted and other database vendor don't need to worry would consider them as normal data?
Another option is to encrypt disk level instead of applying encryption at a database level.
After going through lot of posts it came to me that encrypting at application layer is better . like for example to encrypt passwords in java, we can use jBcrypt library .
Please help me with the following task:
We need to store all data in MySQL (important) encrypted (mostly int, float, double) so no one could read the raw data in the MySQL in case of hacking.
Project is built on PHP + MySQL (Yii framework)
Please advice any solution, preferably free one :)
Thanks!
You have to hard work about indexes, because encrypted data cannot be indexed so searching that row will not be easy.
I recommend Aes :
AES_ENCRYPT() and AES_DECRYPT() can be considered the most cryptographically secure encryption functions currently available in MySQL.
INSERT into user (first_name, address) VALUES (AES_ENCRYPT('Person', 'myword'),AES_ENCRYPT('Person', 'myword'));
SELECT AES_DECRYPT(first_name, 'myword'), AES_DECRYPT(address, 'myword') from user;
Aes Encrypt Explanation:
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-encrypt
Aes Decrypt Explanation:
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-decrypt
All Mysql Encryption and Compression Functions :
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html
This article is best about Mysql Database Security:
http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips
I need to encrypt some specific columns in mysql database. I researched and found few ways like AES_ENCRYPT functions, but these solutions requires sending the key value in the query.
I am looking for a solution where password can be stored in database some location and mysql can automatically use that value to encyrpt or decrypt that particular column?
Thank you.
I created an asymmetric key on one of my SQL servers (2008). I encrypted a password field and I am able to retrieve that password just fine on my development server.
The issue comes into play where I need to move this data to a production server.
Here is the code for the key that was created:
CREATE MASTER KEY ENCRYPTION BY PASSWORD='#########'
CREATE ASYMMETRIC KEY UserEncryptionKey
WITH ALGORITHM = RSA_2048
Now, when I run this on the production server, it creates the key just fine. However, when I run my sproc to get the password, it returns NULL.
SQL:
SELECT EncryptByAsymKey(AsymKey_ID('UserEncryptionKey'), Password )
FROM Users WHERE UserName = '######'
Any thoughts on what I need to do to get the encrypted field to work on multiple SQL Servers?
Please let me know if I need to clarify something.
Thanks
Do not move encrypted data from a database to another. Technically is possible, true, but you will likely compromise the key in the process so I rather not tell you how to do it.
When data is exchanged between sites, the usual procedure separates the key management and deployment from data transfer. Data is decrypted before transfer and dedicate encryption schemes for data transfer are used, like TLS and SSL, that eliminate the problem of deploying and sharing the actual encryption keys.
Asa side note, normally one does no encrypt data with asymmetric keys. They are way too slow for data operations. What everybody does is they encrypt data with a symmetric key and then encrypt the symmetric key with an asymmetric key.