How to store encrypted confidential user information in the database, which will need to be decrypted at runtime?

Question

I am creating an application where I need to store client's information(Like their API Keys and API Secret to access my service, along with other confidential information).

Now, in the database, I want to store these in the encrypted format. In this regard, I decided to with symmetric key cryptography, AES in specific to encrypt the details.

However, for security purposes I want to use a different AES encryption key on a per client basis, so that even if the DB is compromised, all the data cannot be decrypted using a single key.

However, due to obvious reasons, I do not want to store my private keys in the DB with the encrypted informations.

So, I cannot seem to decide how to store my keys, especially since I need to have a binding that which key belongs to which client.

How can I achieve this, and which is the best approach in scenarios like this?

Answer 1

Use a KDF to derive an encryption key from the users password and then use this key to encrypt their private information.

When any action is to be taken that requires their API secret or whatever other private data you are storing, simply request the users password and use it to derive the key again and use the key to decrypt.

If you want users to be able to change their password, add an intermediary random key for each user and use this key to encrypt their data. Use the key derived from their password to encrypt the random key. Then when changing the users password, you only need to decrypt and re-encrypt the random key.