Does anyone use openssl within Ruby to encrypt data? I want to use a
hosted
MySQL database, but most of the hosting companies do not support MySQL
with the
aes_encrypt() or aes_decrypt() functions.
Most have Ruby bindings to MySQL and they support Rails. So, I thought I
could
use openssl to encrypt data within Ruby and then store that data in the
database. I don’t know if others are doing this. I thought I’d ask the
list to
see if others do this.
Brad
I’m not doing it ('cause I just don’t need it ;-). Anyway I think it
should work. However please note some possible problems:
you’ll want o have your records independent - therefore either
using ECB mode or special IV for each record.
you don’t want to have the same data in different places encrypted
into the same ciphertexts - therefore you’ll need either IV or some
kind of salt, that you’ll need to store somewhere (it depends on the
data you store, maybe a per row IV would be enough)
most probably you can’t encrypt the index fields, and search will
not work as usual on encrypted fields.
Taking this into consideration, it should be possible to create a
schema that will work.
(If you don’t know what these IV, ECB and salt things are, I recommend
reading something on cryptography, e.g. [1]. It’s easy to get crypto
wrong, and useless)