I have some sql querys where im selecting rows near to the users location. With AES_DECRYPT i could do inside the query:
AES_DECRYPT(lat, :key)
I need the decrypted value inside the query to:
1. order them
2. delimit entrys in a given area
3. and similar things for other querys
A short example of one query:
SELECT something,
(
6371 * acos( cos( radians(".$userdatafromdbfetchedbefore['lat'].") ) * cos( radians( AES_DECRYPT(lat, :key) ) ) * cos( radians( AES_DECRYPT(lng, :key) ) - radians(".$userdatafromdbfetchedbefore['lng'].") ) + sin( radians(".$userdatafromdbfetchedbefore['lat'].") ) * sin(radians( AES_DECRYPT(lat, :key))) )
) AS distance
FROM
table
HAVING
distance <= ".$userdatafromdbfetchedbefore['maxrange']."
ORDER BY
e.orderdate
DESC,
distance
ASC
LIMIT
".$start.", ".$offset."
I can't select all rows on a different query and manipulate the result with php, that would be very ineffiecient with 100k + rows while the rows near the user might be only ~100.
Its very important for me to keep location data encrypted, i did not start my project because of unsecure encryption until now.
Now my question is how i can do the same thing with newly php implemented Libsodium ?
I couldnt find one example that would work. I just found a example with blind index where you can find a value if you encrypt the search term same like the stored one, but that isnt helpful in my case because i need to get the value to run that through the distance formula inside the same query.
Libsodium isn't built into MySQL, so you can't just call something equivalent to
AES_ENCRYPT()
from within a MySQL query and get the results you expect.However, an alternate approach is to use a library like CipherSweet, which provides searchable authenticated encryption. Make sure you understand its features and limitations before deciding to use it.
You should see something similar to this. The values in the
[0]
will change, but the values in[1]
will not. This is becuase[0]
contains the row data with (some fields encrypted).[1]
only contains blind indexes (usable later in SELECT queries).Note that the floating point fields will always produce a fixed-length output, even if the inputs have varying levels of precision. This is done intentionally to prevent attackers from learning information from ciphertext length.
If you select
ModernCrypto
instead ofFIPSCrypto
, all of the above will be done with libsodium. The exact encryption used by each is documented here, if anyone is curious.Note that you'll have to do your own calculations of the decrypted values in PHP rather than SQL.
After all, the whole point of encrypting data before storing it in a database is to hide it from the database server (and any attackers who could have compromised said server).