Hi all
I need some help with encryption, more specifically ways to use RSA to store and retrieve data. In summary, my problem is that I need to encrypt the data (and decrypt it when being called in views) of some fields of my models (with asymmetric encryption), but I cannot find the proper way to do so.
I know there are many libraries and packages but almost all of them use AES or other symmetric algorithms or are really old and deprecated or discontinued.
So far, I’ve tried the following with both MySQL and PostgreSQL:
Override save() method to encrypt data with Cryptodome (so far this was the best option but problems started when I had to retrieve the data, implying that I had to modify the manager and its queryset method so I don’t have to modify all calls on the views but I could not find any examples other than filters in the documentation).
All of them but the last gave me database related problems, so I gave up on them since I will not be controlling the DB in production.
Any help is really appreciated.
I’m curious - since it’s the same process (Django) needing to encrypt and decrypt those fields, what benefit does an asymmetric encryption process provide?
It’s not a “benefit”, but it will certainly help to decentralize the “ownership” of the data; I mean, two entities will control the public and private keys respectively. Only certain columns will be encrypted in the db, and since a whole department can access the public key to encrypt data and insert it if they want, only one entity (in this case, the server with the app) can decrypt it.
It’s just to encrypt and decrypt certain columns that should only be readable by the app I am developing, since it has confidential data and the db department should not be able to read it on its own.
Indeed, I’ve read some of the Postgres docs, but as I’ve mentioned, I will not be controlling the database in any way in production, so any error that occurs will be hard to solve quickly, so I want to do everything as application-side as possible.
(However, I’m wondering how or why “a whole department” would have access to the public key. I would expect that to be as protected on the server as the private key would be - but that’s a different issue.)
Unless the department has direct access to the database outside the application, I’m not seeing how this helps.
And if they do have access to the database outside the application, I’m not sure that adding that layer of encryption in the application is going to be sufficiently comprehensive.
The problem is that you end up exposed to other channels where that data can be updated beside your application - or even application-layer mistakes where you fail to catch an edge-case that is inserting data directly.
You also potentially have a key-management issue to address - but that’s yet a different topic. (Think disaster-recovery / business-continuity type issues.)
If you want something robust, secure, and comprehensive, then doing it in the database is your only truly-viable option.
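The arrangement debated in this thread (writers hold only the public key, the app server holds the private key) is sketched below as an added example; it is not code from any poster. It assumes the third-party `cryptography` package rather than the Cryptodome library mentioned above, wraps a per-value AES-GCM key with RSA-OAEP because RSA alone cannot hold values longer than a couple of hundred bytes, and all function and column names are hypothetical.

```python
# Added example: hybrid RSA-OAEP + AES-GCM encryption of one column value.
# Assumes the `cryptography` package; every name here is hypothetical.
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def encrypt_field(public_key, plaintext: str, column: str) -> bytes:
    """Writer side: needs only the public key."""
    data_key = AESGCM.generate_key(bit_length=256)  # fresh key per value
    nonce = os.urandom(12)
    # The column name is bound as associated data, so a ciphertext copied
    # into a different column fails authentication on decrypt.
    body = AESGCM(data_key).encrypt(nonce, plaintext.encode("utf-8"),
                                    column.encode("utf-8"))
    wrapped = public_key.encrypt(data_key, OAEP)
    # Stored layout: 2-byte wrapped-key length | wrapped key | nonce | body
    return len(wrapped).to_bytes(2, "big") + wrapped + nonce + body


def decrypt_field(private_key, blob: bytes, column: str) -> str:
    """Application side: needs the private key."""
    n = int.from_bytes(blob[:2], "big")
    wrapped = blob[2:2 + n]
    nonce = blob[2 + n:2 + n + 12]
    body = blob[2 + n + 12:]
    data_key = private_key.decrypt(wrapped, OAEP)
    return AESGCM(data_key).decrypt(nonce, body,
                                    column.encode("utf-8")).decode("utf-8")


def demo():
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    public_key = private_key.public_key()
    note = "confidential " * 100  # constructed sample, 1300 bytes
    blob = encrypt_field(public_key, note, "patient.notes")
    round_trip = decrypt_field(private_key, blob, "patient.notes") == note
    try:
        decrypt_field(private_key, blob, "patient.email")
        moved_rejected = False
    except InvalidTag:
        moved_rejected = True
    return round_trip, moved_rejected, len(blob)
```

Anyone holding the public key can produce a valid blob, so this gives confidentiality against database readers only; it does not show who wrote a row, and losing the private key makes every stored value unrecoverable.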