4

I want to make a system that needs to store some confident user information in a database. I intend on using OpenID for user authentication.

I would like encrypt the data in a way that it can only be decrypted when the user is logged in. What are the most common approaches to storing user's data securely in such a setup?

Paŭlo Ebermann
  • 22,946
  • 7
  • 82
  • 119
ThePiachu
  • 1,689
  • 2
  • 18
  • 26

1 Answers1

2

Let's have a look on how OpenID works.

Alice wants to log into Bob's website using Charles as her identity provider. (So, you are Bob in this scenario.)

  1. Alice fills her OpenID alice.openid.example.org into Bob's web form.
  2. Bob (or Bob's server, actually) transforms this into a canonical form https://alice.openid.example.org/, and fetches this resource to find out who is Alice's OpenID provider (https://charles.example.com/openID/)
  3. Bob redirects Alice's browser to Charles' web site, Charles then somehow checks that it is really Alice who is currently logged in (maybe asking Alice for confirmation), and redirects Alice's browser again to Bob, sending also some information about Alice for Bob along the way.

The information which Bob gets is either signed using a MAC with some previously negotiated common secret (between Bob and Charles), or will be later checked by direct interaction between Bob and Charles.

There is nothing in here which can be used as a private/secret key for Alice's user data by Bob, so there is no way Bob can encrypt something in a way that can be only decrypted with Charles' help (i.e. Alice's OpenID).

(Also, as Alice can use OpenID delegation, Alice can change here OpenID provider without changing her OpenID, and you surely want to have her data being still decryptable.)

Paŭlo Ebermann
  • 22,946
  • 7
  • 82
  • 119