Encryption between web service users

2
votes

I've got a web service (similar to an online store) where users save their data. I need to encrypt that data, so that only managers and users themselves could read that data.

Every manager and user has his own password stored hashed in the database.

First i've thought to use RSA(public/private keys), but i can't figure out how to gain access to the encrypted data using different passwords of managers and users.

BTW: i can prompt user and manager to enter his password every time they try to access encrypted data (compare with hashed one in database and decrypt secured data).

Please help and excuse me for my poor English. Thanks in advance!

EDIT: the simplest way is to use hardcoded master-password for both encryption/decryption, but i think that is very very insecure.

EDIT2: ok, i think i've got the idea: 1. generate unique key 2. using symmetric encryption encrypt data with unique key from (1) 3. encrypt unique key from (1) with user's password and store it with user's credentials 4. encrypt unique key from (1) with manager's password and store it with manager's credentials

now when manager wants to access data, i prompt him for a password, then decrypt hash from (4), get unique key from (1) and decrypt secure data. decryption from user is the same: (3)->(1)->data

so now problem is to make this available for multiple users->user_data/managers, lol

EDIT3: forgot to mention: users create data once and then managers use it for internal use.

2
phppasswordsrsaencryption
The problem with the approach you've outlined in EDIT2 is when the data is created, each user involved will have to enter their password.sidoh
@sidoh yep, that's right. from the user point of view it will seem that he creates data and secures it by his password. and even if hacker steals database, he can't decrypt user data cause user's password is also hashed.user1044084
Right. My point is, though, that if you need to allow access to the data using more than one password, you'll always need to have at least two passwords at a time. This sounds annoying for the users, right? Every time a user creates data that the manager should be able to access, both the user and the manager will have to enter passwords.sidoh
Also, you'll have to keep N copies of the data, where N is the number of users you want to allow access.sidoh
oh, sorry, i didn't mention: users create data once and then managers use that data for creating internal use docs.user1044084

2 Answers

1
votes

If you don't mind prompting for the password every time the user needs to access the data, you might consider using the mcrypt php module. Make sure to do your research before implementing anything, though. It's quite easy to use insecurely if you're not careful.

0
votes

I believe you should use standard - proven technologies. It sounds me like the way should be SSL connection and well secured server. I believe you definitely do not need to encrypt data, but just provide access only for its owners or by some privilege hierarchy (by webservice security logic). If you need to protect data against disk stole, use encrypted partition by operating system.