On Fri, Feb 09, 2007 at 09:03:20 +0100, Olivier Boissard <olivier.boissard@xxxxxxxxx> wrote:

> Thanks for responses.
> Here is the context of my question:
>
> I need to install a server for a specific web application written in PHP.
> This one works by making queries to a postgresql database. The database
> contains confidential data.

Who are you trying to keep this data from? Does this include the client? Who needs to see the decrypted data? Does the database need to in order to efficiently do queries? Does the webserver/php server need to, or does it produce output that the end user can download and decrypt on their end?

> For several reasons the server will be installed inside the Local
> network of our client. I will not be able to supervise and control it.

Again, is your client being treated as an opponent? Are you worried about other threats such as stolen servers or backup tapes?

> As it's a fussy situation I am thinking about encryption.
> I was thinking about PHP encryption solution (Zend or Ioncube) for the
> web application protection.
> But sensitive data must be protected too.

Again, from whom?

> Pgcrypto seemed to be the encryption solution but I am not sure it's a
> good idea because all keys will be located on server (if I have
> understood correctly) and the documentation explains that the data will appear in
> "clear text" for a short period.

Whether or not that is a problem depends on what kind of attacks you are trying to protect against. If you are trying to protect against the case where the db server gets owned, having the keys on the server will make them available to the attacker.
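The following is an added illustration, not part of the thread, of the trade-off the reply raises: where the key lives and who sees plaintext when pgcrypto encrypts inside the database versus when the application encrypts before the data reaches PostgreSQL. It uses the real pgcrypto functions `pgp_sym_encrypt` and `pgp_sym_decrypt`; the table, column names, sample values and the passphrase are constructed placeholders.

```sql
-- Added example (not from the thread). Table, columns, values and passphrase are constructed.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE patient (
    id        serial PRIMARY KEY,
    name      text,
    diagnosis bytea            -- holds ciphertext only; plaintext is never stored
);

-- Pattern 1: encrypt inside the database (pgcrypto).
-- The passphrase is part of the SQL text, so it reaches the server in clear and can
-- surface in server logs (log_statement = 'all'), in pg_stat_activity, in a core
-- dump, or on the wire if the connection is not TLS-protected.
INSERT INTO patient (name, diagnosis)
VALUES ('constructed-name', pgp_sym_encrypt('constructed plaintext', 'CHANGE-ME-passphrase'));

-- Decrypting inside the database: plaintext exists in server memory for the
-- duration of the query. This is the "clear text for a short period" the docs mention,
-- and anyone who controls the server (or the passphrase) can read it.
SELECT name, pgp_sym_decrypt(diagnosis, 'CHANGE-ME-passphrase') AS diagnosis
FROM patient;

-- Searching on an encrypted column cannot use an index: every row is decrypted and
-- compared, which is the "does the database need plaintext to query efficiently"
-- question from the reply.
SELECT id
FROM patient
WHERE pgp_sym_decrypt(diagnosis, 'CHANGE-ME-passphrase') LIKE '%term%';

-- Pattern 2: keep the key off the database server.
-- The application encrypts before INSERT and decrypts after SELECT; the database only
-- stores and returns opaque bytea and never holds the key or the plaintext, so a
-- compromise of the db server alone (or a stolen disk/backup) yields only ciphertext.
-- The bytea literal below stands in for ciphertext produced in the application.
PREPARE store_ciphertext (text, bytea) AS
    INSERT INTO patient (name, diagnosis) VALUES ($1, $2);
EXECUTE store_ciphertext ('constructed-name-2', '\xdeadbeefcafebabe'::bytea);

-- Returns bytea; decryption happens in the application, not on the server.
SELECT diagnosis FROM patient WHERE name = 'constructed-name-2';
```

Pattern 2 answers the reply's question in the other direction: the database cannot search or index the protected field, so only columns that never need server-side querying are good candidates for application-side encryption, and the key then has to be protected on whichever host runs the application instead.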