jon23d Posted April 18, 2009 Share Posted April 18, 2009 I need to store sensitive data and make it accessible to an arbitrary number of admins. I will use SSL during transmission, but want to make it easy for admins to decrypt the data. This is what I've come up with, though I haven't the slightest idea how to begin with the public key encryption... - Admins are issued public and private keys when added to the system (can private key be as simple as a strong password?) - Each time an admin is added, all data will be un-encrypted using the currently logged-in admin's key, then re-encrypted using the new admin's key, and finally stored as a new record linked to the admin account. This way each admin has a separate copy of all records, only available to be unencrypted by him or her. If an admin is fired, all linked records are then deleted. Does this make sense and seem reasonable? I'm confused as to whether I use openssl, or if mcrypt provides everything I need. Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.