Re: PGP encrypt/decrypt - Prereqistes - Mailing list pgsql-general

From Craig Ringer
Subject Re: PGP encrypt/decrypt - Prereqistes
Date
Msg-id 4DF6F1E2.5050602@postnewspapers.com.au
Whole thread Raw
In response to Re: PGP encrypt/decrypt - Prereqistes  (Vikram A <vikkiatbipl@yahoo.in>)
Responses Re: PGP encrypt/decrypt - Prereqistes
List pgsql-general
On 14/06/11 11:51, Vikram A wrote:
> Dear Mr. Craig Ringer,
> Thank you for your response.
> I would like to crypt certain sensitive information in my applications
> such as Student register number, their marks, results etc. For this
> reason i done a study for doing encryption. Where I found that this PGP
> will help the encryption/decryption.

Sure. You can also just use a simple symmetric cypher for that sort of
thing, unless you know you need the ability to encrypt data without
knowing the secret key.

Since I presume your application needs to be able to *read* the data it
has written, and needs to be able to access that data in decrypted form,
I doubt you really need a public key system like PGP. Your application
will need to know the secret key to decrypt the data anyway.

> Any other methods/techniques are there for encryption?

Symmetric cyphers like AES. They're faster and easier to work with, just
a bit less flexible.

> I
> prefer encryption with "key"; key also should not be known to Developers.

All encryption systems use a key. Do you mean a separate public and
private key? If so: why? What specific advantages does that gain you in
your situation?

Public key crypto (for encryption) is mostly useful when you have
less-trusted users/clients/whatever sending you information that you
want to keep secret from other people and from other users, so only a
few people can *read* the information even though many can *write* it.
If this is your situation you might have a use for pgcrypto's PGP
support; otherwise I'd suggest using a symmetric key for simplicity.

As for secrecy: You can't really keep the key secret from the developers
if they will have any access to the production system (for testing,
troubleshooting, performance tuning, etc). That's because the production
system needs to know the decryption key, and if the system knows the key
the developers of the system can get it to reveal that key.

Even if you don't give the developers the key, nothing stops them
modifying the program so that it emails a copy of the key to them
whenever it loads a key, or saves an unencrypted copy to a file on a
shared drive, or whatever. If the production system has an Internet
connection or any access to any other resource the developers can access
as well, they can get the key.

--
Craig Ringer

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: determine client os
Next
From: Greg Smith
Date:
Subject: Re: determine client os