dongxuan8227 2010-10-27 23:46
浏览 1383
已采纳

我应该如何存储AES加密密钥?

I run a DV 3.5 server on MediaTemple with Linux CentOS 5, php and mysql DB and am trying to encrypt phone records with AES.

I came across what seems to be good script as PHPAES

but I am not sure of the following:

  1. Where do I actually store the AES Encryption key used to encrypt and decrypt the phone number?

  2. How do I call on the AES encryption key when a user submits their data via form and stores into our MySQL database?

  3. When I want to descrypt that information for our internal customer service agents - how do they in turn call on the AES key?

I realize this is probably very simple but please don't insult. I am trying to learn best practice for how to move forward with any type of encryption whatsoever. Something (to this point) we have not had need for.

  • 写回答

2条回答 默认 最新

  • dtz30833 2010-11-03 16:08
    关注

    I actually ended up going this route:

    I encrypt the initial data with a salted hash which is stored in the database itself (and is unique to every record stored). I then take that 256bit AES encrypted string and run it through RSA encryption with my public key which sits server side.

    in order to decrypt, I have to upload a temporary file with my private key and retrieve the necessary data.

    quite secure in my opinion.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 对于相关问题的求解与代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料