目次

Version 2, last updated by ebrigham at Dec 02 20:28 UTC

Disclaimer: The information below is not intended to be an exhaustive recommendation for securing your data. Instead it is merely supposed to illustrate how Lift can easily be used to obscure sensitive data in a DB such that it is non-trivial for an intruder to recreate the original data.

An Example

Let’s say that you have a customer’s credit card number that you must store in your database. This is not recommended in the first place, but some use-cases require it.

The goal here is to (1) prevent an attacker from easily reconstructing the original credit card number, and also (2) make it non-obvious from the perspective of a database observer. By this, we mean that a simple “select ccNumber from CreditCards” will yield results that are useless to the average observer.

Lift’s security helpers to the rescue!
You can generate a separate blowfish key for each credit card:


val key: Array[Byte] = Helpers.makeBlowfishKey
// encrypt the card number
val encCC: String = Helpers.blowfishEncrypt(ccNumber, key)
val pairForDB: String = Helpers.base64Encode(key)+";"+encCC

To get the data out of the DB:


import Helpers._
dataFromDb.charSplit(";") match {
  case key :: encCC :: _ => Helpers.blowfishDecrypt(encCC, Helpers.base64Decode(key))
  case _ => // yikes... it's not what I wanted
}