Sunday, August 1, 2010

Re: Encryption best practices (server side, client side, password handling)?

Hi Sven,

I did have similar thoughts in the past.
Encrypting the database would solve any "Datenschutz" data
protection topic since the application provider would not be able to
even read the data of his customers.
However, I do not see any easy solution yet. Just encrypting any
database data would destroy any orderings on indexes.
It would work when only using equivalence, but this is a hard limit.

The point of encryption should be the server.
When you are doing encryption on the client side you must offer the encryption
and decryption algo, too.
So it is likely to lose more than to win. (And it is difficult to
implement encryption without having an integral data type, as is the
case with JavaScript.)

To hash the password on the client side is equivalent to putting the
password in clear into the database.
You lose security when doing so. Any attacker would just send the
encrypted password, maybe to a similar service using the same
approach!

Any attacker could substitute the browser and code when he has
legal access to the service.
So he can get the encryption algo and apply it to other users.

The only thing which is under your control is the server.

Stefan Bachert
http::/gwtworld.de

Inquiries for professional GWT support are welcome.
I am sorry, I won't do free personal support.

On 31 Jul., 19:07, Sven <sven.ti...@googlemail.com> wrote:
> Dear group,
>
> I want to extend a GWT/GAE application by offering the option to
> encrypt information entered by the user on client side in the
> database. The goal is to increase trust when storing potentially
> sensitive data, e.g. to prevent that people who have access to the DB
> (like me) have read access to the stored information.
>
> For client-side encryption using GWT I found this post:
> http://www.mooreds.com/wordpress/archives/000529
>
> However, others do not even recommend computing password hashes on the
> client and propose to do that on the server:
> http://www.owasp.org/index.php/Hashing_Java
> http://stackoverflow.com/questions/1238628/md5-hash-for-password-stri...
> http://stackoverflow.com/questions/695813/how-could-you-encrypt-user-...
>
> From a user's perspective, I would not be comfortable with transmitting
> my data unencrypted to the server (even using HTTPS), as the server
> side may for example log my information (and my password!). Especially
> for the password part I would feel uncomfortable, as many people tend
> to reuse their passwords (please no discussion about this :-)).
>
> Currently, I see two options:
> a) Encrypt and decrypt the information on the client using JS/GWT.
> Pro: The password never leaves the browser, the unencrypted
> information never leaves the browser. Con: Depending on the size of
> the data the encryption/decryption may be slow; if loaded via HTTP,
> the JS code may be compromised, etc.
> b) Encrypt and decrypt the information on the server. Pro: Fast. Con:
> The information is transmitted unencrypted.
>
> What would be your recommendation?
>
> In case of server-side encryption, would it make sense to hash the
> password on client side and to use the hash to encrypt/decrypt? Or
> would that be a no-go?
>
> What happens if the user forgets his/her password? All data lost, I
> guess?
>
> I have no deep practical experience with cryptography, so I would
> appreciate any suggestions or pointers to resources in the web. My
> goal is not to have a bullet proof solution for highly sensitive
> information, but it should be an improvement compared to the current
> implementation (no HTTPS, no encryption).
>
> Thanks
> Sven
>
> PS: x-post Google App Engine for Java, Google Web Toolkit
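
Added example, not part of either message: the reply's point that a password hashed in the browser and stored as received is itself the credential, shown in Node.js next to server-side salted hashing. Class and function names, the sample account and the choice of scrypt for the server-side variant are assumptions made for illustration.

```javascript
// Added illustration; users and passwords below are constructed sample data.
const nodeCrypto = require("crypto");

const sha256hex = (s) => nodeCrypto.createHash("sha256").update(s, "utf8").digest("hex");
const safeEqual = (x, y) => x.length === y.length && nodeCrypto.timingSafeEqual(x, y);

// Scheme A: the browser hashes; the server stores and compares what it receives.
class ClientHashServer {
  constructor() { this.db = new Map(); }
  register(user, clientHash) { this.db.set(user, clientHash); }
  login(user, clientHash) {
    const stored = this.db.get(user);
    return stored !== undefined && safeEqual(Buffer.from(stored), Buffer.from(clientHash));
  }
}

// Scheme B: the server receives the password (over TLS), stores salt + scrypt output.
class ServerHashServer {
  constructor() { this.db = new Map(); }
  register(user, password) {
    const salt = nodeCrypto.randomBytes(16);
    this.db.set(user, { salt, hash: nodeCrypto.scryptSync(password, salt, 32) });
  }
  login(user, submitted) {
    const rec = this.db.get(user);
    if (!rec) return false;
    // Whatever is submitted is hashed again before comparison.
    return safeEqual(rec.hash, nodeCrypto.scryptSync(submitted, rec.salt, 32));
  }
}

// Someone with read access to the table submits the stored value verbatim.
function replayLeakedRecords() {
  const a = new ClientHashServer();
  a.register("alice", sha256hex("correct horse"));
  const b = new ServerHashServer();
  b.register("alice", "correct horse");
  return {
    legitA: a.login("alice", sha256hex("correct horse")),
    legitB: b.login("alice", "correct horse"),
    replayA: a.login("alice", a.db.get("alice")),                    // stored hash is the credential
    replayB: b.login("alice", b.db.get("alice").hash.toString("hex")), // stored hash is not accepted
  };
}

console.log(replayLeakedRecords());
```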

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.