Doubts about cryptography

Hi to all. I'm new to cryptography, and although I've been reading about it and started trying to program with it, I'm still having difficulty grasping the concept of it.

I intend to encrypt (and decrypt) data (2 varchar columns) from a table in a database. I'm developing a new web page of a web-application that runs in https. I have a class that interacts with a connection pool to interact with my DB.

The amount of data to encrypt and save to the DB (when the submit of the webform occurs) can be somewhere between 100 and 200 entries of data. After the submission of the data I also need to list it (decrypted).

From what I've read, I assume that in a situation like this (the encryption and decryption is made in the same application, lots of records to encrypt and decrypt frequently), the best solution would be to use symmetric encryption, based on a passKey that I could associate with a specific ID maintained in the DB (each record I want to encrypt corresponds to a specific user record in the DB). But I have some doubts about whether I'm taking the right approach or if I'm making a big mess of things...

So to summarize...

- need to encrypt and decrypt data that is frequently changed (between 100 and 200 entries of data)

- web app that runs in https

- If I use just one secret key (or if I would use a pair of public and secret) it would have to be always the same... I couldn't generate a random key every time the webserver has to be restarted.

So, taking this into consideration, the solutions I think I could use are these:

- symmetric key based on a passKey (this way I could use a different passKey each time I need to encrypt or decrypt a specific record - part of the passKey can be made of info that corresponds to public info of the record I want to encrypt/decrypt);

- symmetric key or pair of public-secret keys that has to be generated so that each time the webserver is restarted I can be sure the cryptographic key is the same.

So, can anybody help me achieve some enlightenment on this?

Thanks in advance....

[2109 byte] By [TechnoSpikea] at [2007-11-27 7:49:08]
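The application-side option from the question, sketched as an added example that is not code from the thread or from any poster: one AES key that is loaded at startup (so it is identical after every restart) encrypts each column value with AES-GCM. Rather than mixing the record's public info into the key, this sketch binds the record ID as associated data; the class name `ColumnCrypto`, the IDs `user-42`/`user-43` and the all-zero demo key are assumptions made for the illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class ColumnCrypto {
    private static final int IV_LEN = 12, TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom();
    private final SecretKey key; // loaded once at startup, same after every restart
    public ColumnCrypto(byte[] rawKey) { this.key = new SecretKeySpec(rawKey, "AES"); }

    // Returns Base64(iv || ciphertext || tag), safe to store in a varchar column.
    public String encrypt(String plain, String recordId) throws Exception {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv); // fresh random IV per value; never reuse with the same key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(recordId.getBytes(StandardCharsets.UTF_8)); // bind value to its row
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    // Throws AEADBadTagException if the value was altered or belongs to another record.
    public String decrypt(String stored, String recordId) throws Exception {
        byte[] in = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, IV_LEN));
        c.updateAAD(recordId.getBytes(StandardCharsets.UTF_8));
        return new String(c.doFinal(in, IV_LEN, in.length - IV_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        byte[] demoKey = new byte[32]; // constructed all-zero key, for this demo only
        ColumnCrypto cc = new ColumnCrypto(demoKey);
        String stored = cc.encrypt("some column value", "user-42");
        System.out.println(cc.decrypt(stored, "user-42"));
        try {
            cc.decrypt(stored, "user-43"); // same ciphertext copied to another row
        } catch (AEADBadTagException e) {
            System.out.println("rejected: ciphertext does not belong to this record");
        }
    }
}
```

Each stored value is 28 bytes longer than the plaintext before Base64 encoding, so the varchar columns need to be sized for that. In a deployment the key bytes would come from a keystore or secret store readable only by the application, not from source code.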
# 1
I would first investigate having the database do the encryption. Most RDBs support that in one form or another. The implementation will then be dictated by the RDB so you don't have to do any design in this unfamiliar area.
ejpa at 2007-7-12 19:30:03
# 2

You could also consider using StrongKey (www.strongkey.org) to perform the column-level database encryption for you. All you have to do is use the client library in your application and call the appropriate method to get the symmetric key and encrypt/decrypt. You do also have to set up the Symmetric Key Services server, but that's not a programming task - just installation and configuration.

arshad.noora at 2007-7-12 19:30:03