3

Is there a way to encrypt the whole data of a mysql DB using the AES 256 symmetric encryption method without encrypting the data manually using AES_ENCRYPT ?

This article explains about the same functionality in MsSql databases

asked Apr 28, 2014 at 14:18
5
  • 4
    Encrypt the hard drive? Commented Apr 28, 2014 at 14:22
  • Hmm... I prefer encrypting the data of the db and not the whole HD if it's possible Commented Apr 28, 2014 at 15:57
  • 1
    You could store the MySQL database on a separate partition and encrypt only that partition. Commented Apr 29, 2014 at 0:07
  • Correct me if I'm wrong - but, encrypting the partition itself helps only if someone tries to read the data without being already logged to the OS.. right? Commented Apr 29, 2014 at 11:51
  • What language are you using? Commented May 13, 2015 at 11:31

2 Answers 2

0

MySQL doesn't support data file encryption natively, but there are ways to do it. There is a product called Vormetric Transparent Encryption. Read info about it here: http://www.vormetric.com/data-security-solutions/use-cases/database-encryption But if you want to actually use SQL for this purpose, newer versions support AES_ENCRYPT() and AES_DECRYPT() (the official AES standard). You can read about the two functions here, in the mysql 5.x manual: https://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html#function_aes-encrypt

So basically you can encrypt the data prior to the insert query. MySql wont know the difference. also, you will have to decrypt it when extracting any data.

answered Feb 5, 2015 at 6:57
1

XtraBackup provides such a functionality

answered Apr 29, 2014 at 17:57
3
  • sounds interesting. is it possible for live db and not only for backups? Commented Apr 29, 2014 at 20:12
  • I think you are looking for filesystem encryption. Commented May 1, 2014 at 6:50
  • I just found this presentation, pls read slide 53 and following: yassl.com/files/yassl_securing_mysql.pdf Commented May 1, 2014 at 7:22

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.