Reputation: 8890
This article provides an extensive discussion on the subject of encrypting MariaDB database tables. Another excellent resource is this one. The one thing they do not mention is where to define the table-level encryption configuration. Am I right in assuming that this should be done by

    plugin-load-add=file_key_management_plugin.so

in the /etc/mysql/my.cnf system and

    ALTER TABLE table_name ENCRYPTED=YES ENCRYPTION_KEY_ID=NN;

on each of the tables to be encrypted?

Even if this is correct, there is one question that springs to mind here: how would such encryption protect compromised data if the attacker gets access to the encrypted keys file at the same time? Would a possible solution be to store the encrypted keys on an NFS shared folder that is configured to be only accessible from a specified IP address?
Upvotes: 3
Views: 5539
Reputation: 2499
This article should answer most of your questions regarding setting this up in MariaDB. The answer related to configuring encryption is, in essence, "you got it right", but you should consider encrypting the log files too (the article describes how).
As for the latter, using an NFS volume with limited access should offer good protection if the server is physically removed in order to steal the data, but for a situation where someone gains access to the system while it is live, it seems like a less solid solution. With access to the server, the NFS volume and file in question are likely easily available. Using a TPM (if your hardware allows it) to store the keys may be a better solution; it was designed to help solve problems of this kind.
Is it an option to link the encryption key to a user logging in? Consider using a second database (or server) for user authentication and encrypt the encryption key using the user's login password and store it there. On a successful login, when the correct password is provided, you may decrypt the encryption key and then "unlock" the first (encrypted) database. This stores the encryption keys "in the users' heads" and is likely the safest option you have.
Upvotes: 7
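An end-to-end version of the setup discussed in the question and answer, as an added example that is not code from either post or from the MariaDB project: it writes the key file in the format the file_key_management plugin expects, keeps that file encrypted under a passphrase stored outside it (so a copy of the key file alone is useless), turns on log, binlog and temp-file encryption as the answer recommends, and gives the query that confirms a table really is encrypted. All paths, key ids and the table name app.customers are assumptions.

```shell
# Added example: not code from the question, the answer or the MariaDB project.
# Paths, key ids and the table name are assumptions; adjust to your layout.
ENC_DIR=/etc/mysql/encryption
KEYS_PLAIN=$ENC_DIR/keyfile          # plaintext, exists only while generating
KEYS_ENC=$ENC_DIR/keyfile.enc        # what the server actually reads
PASS_FILE=$ENC_DIR/.keyfile_pass     # passphrase that unlocks keyfile.enc
# Check one key-file line: "<id>;<hex key>" with a 16, 24 or 32 byte key
# (AES-128/192/256). Returns 0 when the plugin would accept the line.
valid_key_line() {
    printf '%s\n' "$1" |
        grep -Eq '^[0-9]+;([0-9a-fA-F]{32}|[0-9a-fA-F]{48}|[0-9a-fA-F]{64})$'
}
# Two 256-bit keys (id 1 for the redo log/default, id 2 for application
# tables), then the file is encrypted. The plugin decrypts exactly what
# "openssl enc -aes-256-cbc -md sha1" produces; -pbkdf2 would break it.
make_keyfile() {
    umask 077; mkdir -p "$ENC_DIR"
    printf '%s' "$(openssl rand -base64 32)" > "$PASS_FILE"   # one line, no newline
    printf '1;%s\n2;%s\n' "$(openssl rand -hex 32)" "$(openssl rand -hex 32)" > "$KEYS_PLAIN"
    openssl enc -aes-256-cbc -md sha1 -pass "file:$PASS_FILE" -in "$KEYS_PLAIN" -out "$KEYS_ENC"
    rm -f "$KEYS_PLAIN"
}

# Server config fragment. The encrypted key file is useless without the
# passphrase file, so keep the two on different media or access paths.
encryption_cnf() {
    cat <<EOF
[mariadb]
plugin_load_add = file_key_management
file_key_management_filename = $KEYS_ENC
file_key_management_filekey = FILE:$PASS_FILE
file_key_management_encryption_algorithm = AES_CTR
innodb_encrypt_tables = ON
innodb_encrypt_log = ON
encrypt_binlog = ON
encrypt_tmp_files = ON
EOF
}

# After a restart: encrypt the table with key 2 and confirm it took effect
# (ENCRYPTION_SCHEME 1 = encrypted; CURRENT_KEY_ID should read 2).
verify_sql() {
    cat <<'EOF'
ALTER TABLE app.customers ENCRYPTED=YES ENCRYPTION_KEY_ID=2;
SELECT NAME, ENCRYPTION_SCHEME, CURRENT_KEY_ID
  FROM information_schema.INNODB_TABLESPACES_ENCRYPTION
 WHERE NAME = 'app/customers';
EOF
}
```

Run make_keyfile once as root, drop the output of encryption_cnf into a file under /etc/mysql/mariadb.conf.d/, restart the server, then feed verify_sql to the mysql client.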