API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 28th, 2016
139
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.00 KB | None | 0 0
raw download clone embed print report
  1. ## What is this?
  2. A way to encrypt data on mysql and then decrypt in javascript.
  3.  
  4. ## Why is this useful?
  5. Sometimes you have data in your mysql database and you want to pass this data to a JS app.
  6. For example, say you want to run an email campaign and you want to send emails to users from your mysql database. In this campaign you want ppl to click a link and when clicked you want the target site (your site) to be able to **identify the user**.
  7. You _could_ pass the user-id as plaintext. Or the email as plain text. But that would be insulting the user's intelligence plus you might leak information "in the face" of a user.
  8. If you want to pass information from mysql to javascript and be able to obfuscate this info such that it isn't in the face of a user, this method is simple and effective.
  9.  
  10. ## This is not "secure"
  11. Please note that the encryption method used here `aes` in it's simple form of use isn't considered secure and is known to be susceptible to several attacks so if you need to encrypt something really secretive you'd have to do something better than what mysql has to offer.
  12. However, if you only care about obfuscating your data in a reasonable way, then `aes` would do.
  13. `AES` isn't trivially breabable, but with many data repititions etc it is breakable. Obfuscation wise, that's good enough though.
  14.  
  15. ## Example
  16. Here's example result of the encryption function:
  17. ```
  18. mysql> select email, hex(aes_encrypt(email, "my very secret key")) from (SELECT "me@example.com" AS email UNION SELECT "her@example.com" UNION SELECT "us@example.com") as emails;
  19. +-----------------+-----------------------------------------------+
  20. | email | hex(aes_encrypt(email, "my very secret key")) |
  21. +-----------------+-----------------------------------------------+
  22. | me@example.com | 36B8A66AA699DDB61BB1F88BB9ECB313 |
  23. | her@example.com | FCF18D1DBA4751B8D83CC6F8685A5702 |
  24. | us@example.com | B2E8122DE0725AEB551536D06037114A |
  25. +-----------------+-----------------------------------------------+
  26. ```
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!