Using AES_ENCRYPT For 256 Bit Encryption
I just started using AES_ENCRYPT to encrypt records in my databases. For the most part, the default 128 bit encryption is fine. But, I would like to use 256 bit for one of my forms. According to the MySQL documentation you can use the function for either 128 or 256 but I don't understand how to get it to do 256.
The documentation says:"Encoding with a 128-bit key length is used, but you can extend it up to 256 bits by modifying the source." - http://dev.mysql.com/doc/refman/4.1/...functions.html
What source do I have to modify to get it to use 256?
View Complete Forum Thread with Replies
See Related Forum Messages: Follow the Links Below to View Complete Thread
AES_ENCRYPT
try following statement from mysql command line client select AES_ENCRYPT('company','zyxwvutsrqponmlk'); everything goes haywire when I try to use AES_ENCRYPT .
AES_ENCRYPT Function
Essentially I am playing around with the aes_encrypt fucntion to securly store some data in the db. The problem I am having is that I get the following error : Data truncated for column 'foo' at row 1 and the table creating was done with: CREATE TABLE `foobar` ( `foo` varchar(10000) default NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8 with a varchar(10000) and doing and AES_ENCRYPT('foo','bar') one would think that it would work. But I suspect that I am doing something incorrectly.
Aes_encrypt Values
I guess if explain my situation first it should help a little better... I have a table with some empty fields and some numbers I wish to encrypt. I perform a select statement to check how many fields are not empty (I get 56), e.g "SELECT number from customer WHERE NOT number = '' "; I then encode this using AES_ENCRYPT(number,keystr) Then try the count query again as written above but this time I have fewer entries (I get 3) that are not empty. Which is odd because I can then decrypt these records and I get my 56 records back again. Any ideas why this may be? I am using tiny blob as the field by the way, do I need to perform some sort of php string function on the numbers before storing them do you think?
AES_ENCRYPT And AES_DECRYPT
I have recently updated my system from using MySQL 4.0 to MySQL 5.0. The thing is, none of the encrypted fields are being decrypted correctly when using Connector/J. I did get the newest version of it but still no luck.
Query Error (AES_ENCRYPT)
I havae a user database set up where the passwords are encrypted using AES_ENCRYPT with the date the user joined being the salt for each user. The inserts work fine for the password, but for some reason I'm getting an error on this statement below when I try to update.... update users set password = AES_ENCYPT('123456', '2005-09-15 22:11:06') where user_id = '806' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '('123456', '2005-09-15 22:11:06') where user_id = '806'' at line 1 Any idea what is going on here? BTW... the password field is set up as a BLOB.
Aes_encrypt Aes_decrypt Problem
I'm using PHP 4 with mySQL. I'm using aes_encrypt and _decrypt to store customer information as securely as possible. The problem crops up when I go to store (or retrieve -- I'm not sure which) the state that the customer lives in. AL works for Alabama GA works for Georgia fl works for Florida FL returns an empty string. Does anyone have any ideas on what's happening here?
AES_ENCRYPT In Visual Basic
I'm writing an app with vb & mysql. for the user login - i tried aes_encrypt and vb reports function or sub not defined.
How To Calculate The Size Of An AES_ENCRYPT() Result
what I want is to calculate the result string for an AES_ENCRYPT() function, in the mysql manula says:the result string length may be calculated as 16*(trunc(string_length/16)+1) but I dont know what value trunc has. Could any one please explainme how to calculate the max size of an 10 chars max wide password value?
What Encryption Is This?
This is a varchar in my db, its my password and I want to change it but I don't know what kind of encryption it is. aatiAMXx.sDOA
Encryption
I heard you could encrypt things in MySQL,how do I do it?
SSL Encryption
is it true, that MySQL 4.x can do SSL encrypted connections only with a server AND a client certificate? I've got a working SSL connection if I use both, mysqld and mysql with certificate, key and ca-certificate. How can I use SSL if the mysql client must not have access to the private key? Any help or links to a good documentation is welcome.
Encryption
Can anyone advise whether its possible to use the Encode/Decode functions on Windows (Win2K) platform in Mysql & PHP. A book i'm using says they cannot be used in windows yet i've managed to get my application successfully Encoding a password at the time of using an, 'Insert INTO' qry - its stored ok as a BLOB (field was set-up as a BLOB). Problem is i cannot use the DECODE() to reverese things. When tried i get a 'cannot excecute query' type mssg. Looked at MD5 and SHA1 but they are one-way funcs only. I like the look of AES and DES ENCRYPT/DECRYPT but can't get them to work either.
Encryption / Authentication
I need to find out if it's possible to do two things with mysql. The = first is external authentication, preferably with kerberos5, but PAM = will work as well. Second, encrypting the data stream. Specifically = with jdbc connections.
Looking For Encryption Tool
I have a prospect that needs to collect sensitive personal data via the web for mortgage applications. A certificate & SSL seems to protect the data from the browser to the server, but I need some way to encrypt the data for storage in mysql and (possibly) into a flat file for retrieval by the prospect. I have not been able to find a simple solution for this compatible with BSD and Apache.
Securing My DB With Encryption
I have set up two tables in our DB, and we want to add a third, but this one is credit card info, and need to be secured. What's the best way to do it by encryption?
Password Encryption
What I'd like to do is have an html login page using php to process the request, and then compare the input strings to a username & password stored in a SQL table. My question is though, what is the best way to store the password in the mySQL table. Is it better to store it as an encrypted value, and can I do this?
Password Encryption
currently using mysql with c# coding. I need to know how do i encrypt password so that it will not show the password in plain text when i access the database.
AES Encryption/Decryption
I have a questiosn regarding AES Encryption/Decryption. I understand the basics of how it works however i am stumped. What i am currently trying to do it have a table that contains user information. Now when an authenticated user views this information they are showing all there details in plain text. Thats fine but what i require is a master key so that if need be the system admin will be able to decrypt any data in the mysql db using there master key. Is there anyway to do this? either by design or code.
Data Encryption
I am using MySQL on a Windows XP system. I was wondering if there is anyway that I could use OpenSSL (I currently have beta 6 on a dev machine) with MySQL on Windows XP?
Password Encryption
When adding a password entry to a database I believe you can encrypt its value using PASSWORD(str) but could someone please confirm what data type I should use for the column in which it is stored?
Encryption And Decryption
i need a solution to the following requirement There is a column, for which data should be encrypted in the database, something like password, where the actual data should not be displayed when i say select * from tablename, instead, the encrypted text should be displayed, and that text need to be decrypted again, can anyone please tell me how to do it front end is java
Need To Modify Input For Encryption
I encrypted a database field using MySQL AES_ENCRYPT() from a command prompt. I can easily decrypt it because the code specifies a Query but the INSERT is an ADODB insert (see below): PHP runQuery($db ->GetInsertSQL($rs, $_POST, true)); I need to AES_ENCRYPT one of the $POST fields before it goes into this but I don't see how? Mcrypt is not installed on server so MySQL functions are what I need to use.
Credit Card Encryption
I am just having my first experience with storing credit card details into a mysql database with php. I am on a ssl server of course and everything works fine but I am interested in any other security recomendations. Currently CC details are stored directly into the database as they were typed, should I be encrypting the CC details with mcrypt_enrypt() before storing them and then dectypt them when displaying on the "view card details page"?
Securing The AES Encryption Key Using Windows EFS?
I'm planning on using AES encryption methods which require an encryption key. I don't want to store this key as a string literal within my Java front-end web application because of the security risk associated with reverse engineering the Java .class files and obtaining the AES encryption key. I was thinking of storing the AES encryption key in a file, and then reading this key from the Java application to use within the AES_ENCRYPT function. The file would be encrypted using Windows Encryption File System (EFS) since I'm deploying on a Windows server. Benefits I see to this approach are that the AES encryption key is stored separate from the .java application, and the file containing the key is encrypted to everyone except the Windows account that encrypted the file. The drawbacks are the application needs to have rights to accesss the file, the protection of the key now hinges on the Windows Account used to encrypt the file (if that is compromised then the key could be discovered); also, I need to further research where the private key used to encrypt the file is stored on Windows and how secure that is.
Login / Password Encryption
i am trying to create a very simple login system. all it does it input user data including a password and then when logging it it compares user name and password entered to find the user id (if exists) and then says you are logged in if a result was found. my problem is no results are ever found. i have found that no matter what i do the password() function never returns the same value when im trying to select a user id with password=password('$inputedpassword') in the query to look up the user id. so basically when i register the password is turned into a mess with password(), but wheni log in and use the same password() on it, it gives me something different. BUT if i register under another user name and then use the same password, password() will give me the same mess (i checked this in the databse). so i dont know why password() wont do the same thing when im using it in the query in login.php so that i can compare the passwords correctly. the only way i've been able to get this to login is to not encrypt anything. i have tried using md5 but that is giving me this same problem too. Code:
MySQL Logging And Encryption
If logging is turned on, is there a way to disable it for a given query? IE. If I query --> select AES_ENCRYPT("This is very important data", "lessthansecretkey"); Then my key and the value I'm trying to encrypt is visible in the log files.
|
TRACKER
