Where can I get AES encyrption for PHP and can AES encrytion be used for document storage?

I'm going to assume you're using MySQL. MySQL has AES encrypt/decrypt functions built in. So if you're encrypting data to be stored in the database, that would be handled in the SQL commands.As far as I know, PHPMyAdmin doesn't offer a GUI for doing encrypted fields.

You would need to type in the commands manually. Example: CREATE TABLE `test` ( `id` INT NOT NULL PRIMARY KEY AUTO_INCREMENT, `stuff` BLOB NOT NULL DEFAULT "" ); # Encrypted fields have to be of the BLOB type (tiny/medium/large variants okay) INSERT INTO test (stuff) VALUES (AES_ENCRYPT("My hovercraft is full of eels!", "password")); SELECT AES_DECRYPT(stuff, "password") AS stuff FROM test; Note that if you're encrypting stuff in your database, you should still use SSL on the connections (client to web server, and web server to database server) to protect the data while it's in transit. Now, on the PHP side, there ARE AES encrypt/decrypt functions available if you need to do the encryption/decryption on the PHP end of things.

If you wanted to integrate those into PHPMyAdmin it would mean modifying the source for the program and presumably submitting a patch. But I don't see the point really.

1 Thanks Will. I am actually storing important documents for clients. Basically our servers are secure, we have all sorts of things that block intrusions and we have safeguards in place.

And yes we do have SSL. But I wanted to take the extra step to encrypt the data "at rest" (db entries + docs) so that if somebody got access to it it would still require decryption thus making it difficult or impossible. Does this solution make sense given what I just mentioned?

Thanks again! – AAA Apr 19 at 23:47 @AAA: it depends. You could actually store the documents in the database itself (in a large blob field); note that this approach could cause performance problems.

Also, be sure MySQL is configured to accept SQL commands large enough for the incoming files. But basically, Dagon up top made a good point: if the encrypted data and the password are together on the same server, then an attacker could easily decrypt the data. So you need some way to keep the password and the data separate, which is tricky.

Lastly, note that if you lose the password somehow, your data might as well be gone. – Will Martin Apr 22 at 6:12.

Here: phpaes.com/ And yes, it is possible, check memory_limit in your php. Ini to avoid problems. However, if its for mysql storage, remember that you have cryptographic functions inside mysql: dev.mysql.com/doc/refman/5.5/en/encrypti....

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.