Re: can I just encrypt tables? what about the app?
- Date: Mon, 29 Feb 2016 16:35:11 -0500
- From: "shawn l.green" <shawn.l.green@xxxxxxxxxx>
- Subject: Re: can I just encrypt tables? what about the app?
On 2/29/2016 3:13 PM, Reindl Harald wrote:
> On 29.02.2016 at 20:54, Gary Smith wrote:
>> On 29/02/2016 19:50, Reindl Harald wrote:
>>> cryptsetup/luks can achieve that way better
>> Only to a degree.
> no - not only to a degree - when the question is "not store anything
> unencrypted on the disk" there is no degree, but or if
>> Once the disk is unencrypted, you've got access to the
>> filesystem. If you've got physical access to the machine, then anything
>> which gives you console access gives you (potentially) access to the
>> underlying database files. If you can get those, it's trivial to get
>> access to the dataset that they contain.
>> However, if TDE is employed, then you've got another significant
>> obstacle to overcome: The data is only encrypted (aiui) once it's in
>> memory. At this point, you're needing to do attacks on RAM to get access
>> to the data - and even then, you're unlikely to get 3 bars for a jackpot
>> payout of the whole database schema, assuming a decent sized database.
> in reality you don't need to hack around in the RAM - mysqld needs to
> have access to the key to operate on the data and so you need to find
> only that piece
> the same for encryption on the application side before sending data to the
> db-layer - see the start and subject of that thread how far people are
> away from understanding how and on what layer things are encrypted and
> what exactly is protected in which context....
> there is no "turn this on and you are safe" without deeper understanding
Correct. As long as the key and the lock are on the same machine, there
will be some way of opening that lock. It's just a matter of how hard
can you make it to find that key. No data is perfectly safe. No crypto
is unbreakable. Ever.
Maybe the key only exists in memory while the daemon runs? You can hack
the memory to find the key.
Maybe the key is retrieved from another key service daemon. If you have
the credentials to impersonate a valid retriever, you are in the money.
The purpose of any encryption system is not to make it impossible to
read the data. Its purpose is to make it impractically hard for any
unauthorized parties to read it.
MySQL Senior Principal Technical Support Engineer
Oracle USA, Inc. - Integrated Cloud Applications & Platform Services
Office: Blountville, TN
Become certified in MySQL! Visit https://www.mysql.com/certification/
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql
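The thread's point about layers (disk encryption protects files at rest, while a key held by the application or a key service protects the data even from someone who copies the database files) can be made concrete. The following is an added example, not code from the thread or from MySQL: it models application-side field encryption with AES-256-GCM from Go's standard library, a constructed in-memory "table file" standing in for the on-disk database, and a constructed sample value. The helper names (`tableFile`, `newDataKey`, `encryptField`, `decryptField`, `leaksPlaintext`) are assumptions of this example. It shows what an attacker with only the files sees (ciphertext), what the key holder sees (plaintext), and that a wrong key or a blob moved between columns fails authentication.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// tableFile stands in for a database file on disk (constructed stand-in).
// After application-side encryption it holds only ciphertext; the key
// never reaches this layer, which is the property the thread discusses.
type tableFile map[string][]byte

// newDataKey returns a fresh 256-bit AES key. In a real deployment the key
// would come from a key service or HSM rather than being generated here.
func newDataKey() []byte {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	return key
}

// encryptField seals one column value with AES-256-GCM. The random nonce is
// prepended so the stored blob is self-describing; the column name is bound
// as associated data so a ciphertext cannot be transplanted into another
// column without failing authentication.
func encryptField(key []byte, column string, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(column)), nil
}

// decryptField reverses encryptField. A wrong key, a tampered blob, or a blob
// copied from a different column all produce an authentication error.
func decryptField(key []byte, column string, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob shorter than nonce")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, []byte(column))
}

// leaksPlaintext models someone who copied the files but has no key:
// does the stored content contain the secret as-is?
func leaksPlaintext(f tableFile, secret string) bool {
	for _, v := range f {
		if bytes.Contains(v, []byte(secret)) {
			return true
		}
	}
	return false
}

func main() {
	key := newDataKey()
	disk := tableFile{}
	secret := "123-45-6789" // constructed sample value
	blob, err := encryptField(key, "ssn", []byte(secret))
	if err != nil {
		panic(err)
	}
	disk["row1.ssn"] = blob
	fmt.Println("files alone reveal the value:", leaksPlaintext(disk, secret))
	pt, err := decryptField(key, "ssn", blob)
	fmt.Println("key holder reads:", string(pt), err)
	_, err = decryptField(newDataKey(), "ssn", blob)
	fmt.Println("wrong key:", err)
	_, err = decryptField(key, "email", blob)
	fmt.Println("blob moved to another column:", err)
}
```

The separation is only as good as the key's location: if the key sits on the same host as the database process, whoever reaches that process (or its memory) is in the same position as the key holder here, which is exactly the caveat both Reindl and Shawn raise.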