Hi
i am using crypto api for encrypted data and showing data in decrypt format.but the problem is i have mobile number field and Age field and datatype is Integer but after encryption we are storing data in alpha numeric character.we dont want to change Integer datatype to Text.is there any way to resolve this issue?
any suggestion
Hi Arkyadeep,
A mobile number field should never have the data type integer, as 1) a phone number needn't be fully numeric (e.g. "+31-(0)123-45678"), 2) depending on the number of digits it may overflow an integer and 3) long-distance phone numbers often start with a "0", which you can't do with an integer.
As for Age, you can easily convert from an Integer to a Text (which is automatic, but you could use an explicit IntegerToText()) and back (using TextToInteger()). Obviously, you need a Text when you are encrypting things, but you can convert decrypted content back to the original data type (same with e.g. Dates).
Hi Kilian
hope you r doing good.phnumber field is clear.but i have some doubts in Age field.we are storing encryption key,record value in database for that reason we have changed the datatype of Age field integer to text.encryption value is alpha numeric for that we have change the data type of Age field to text.is it right approach?need your suggestion.
If you want to store the data in the database encrypted, you will need to have all Text fields. However, there are, in general better ways to secure your data.
For one, if you store the encryption/decryption key in the same database as the data you encrypt, then you could just as well not encrypt it, as any hacker with access to the database can retrieve the key and decrypt the data.
Secondly, if you encrypt data in the database, you can no longer search on it. There's no way to retrieve e.g. all people with a certain age.
Thirdly, age is such a short string (people will be 0-99 in general, so only two characters when converted to a string) that there will be only a maximum of 100 different encrypted ages in the database. Know one age, and you know which people have the same age.
Fourthly, encryption/decryption of data this way is slow. When you want to present a list of people with their data, it may take a considerable amount of time decrypting each individual data item.
If you really need the data in the database to be encrypted, I'd look at encryption at database level, instead of trying to do what you're doing now. It seems insecure, inefficient and provides only fake security.
Thanks for the clarification.its really helpfull for us.
You're most welcome. I hope you manage to find something that covers all your needs :).