Storing Encryption Keys

Tap1 · March 11, 2011, 9:49am

Apologies if this type of question has been answered before.

I am designing a website for which just 100 people will be registering and will only be up for a about 1 month and have been asked to collect sensitive data which requires some extra security (ie identification numbers). Which is the best type of encryption for this, I have thought to use the AES_encrypt function (I’m programming in PHP). The problem that I have is that I don’t know how to store the key. I gather that it’s not good practice to store this on the same servers where you are hosting the database (I am hosting on a 1and1 package).

Will a php compiler solve the problem?

Thanks in advance.

kajfat · March 12, 2011, 1:53pm

You need to store keys on a different machine? Try to send each key with e-mail to some “backup” address, or simply use free ftp

logic_earth · March 17, 2011, 4:41pm

No and no. Never use Email or use FTP for anything sensitive or to be secured. That is a death wish.

Topic		Replies	Views
Best practice for storing encryption keys for secure logon Server Config security	12	2477	October 8, 2014
Encryption and storing sensitive information Databases	15	1392	April 29, 2010
Encrypting the entire database PHP	25	3183	May 13, 2010
How to Encrypt & Decrypt Key data stored in MySQL via Php PHP	3	18642	May 26, 2013
Keeping the database encrypted PHP	1	220	April 27, 2010

Storing Encryption Keys

Related topics