| From: | Patrick Simcoe <patricksimcoe49(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | |
| Date: | 2014-07-01 15:35:51 |
| Message-ID: | CAMJ77RkJsds7bwP0gRRZxCnuzq4bOi-tptwF-QMytCjYDODX2Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
I have a question regarding two-way encryption data for specific columns.
Does anyone have a technique or recommendation for two-way encryption which
somehow obfuscates the decrypt key so that it isn't easily retrievable from
the database or the application source code? We've already considered (a)
letting users hold the decrypt key and (b) obfuscating the decrypt key with
the user's own (one-way encrypted) password, but neither of these
approaches are viable for us.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Patrick Simcoe | 2014-07-01 15:42:04 | Two-way encryption |
| Previous Message | Rich Shepard | 2014-07-01 15:03:05 | Re: Validating User Login Within Postgres |