StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
3638662
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
3
CommunityOwnedDate
CreationDate
2010-09-03T18:43:27.740
FavoriteCount
0
LastActivityDate
2010-09-04T18:40:07.453
LastEditDate
2010-09-04T18:40:07.453
LastEditorUserId
20646
OwnerUserId
20646
ParentId
3638281
PostTypeId
2
Score
2
ViewCount
0
LastEditorDisplayName
text
Body
As you mentioned in your comment in Jesper's answer, "strength resides in the encryption key" and in the encryption algorithm. If both are strong, it should be safe. As far as I know, the technical weak link of a strong encryption and key is in the implementation, if any. Interested to know what application are you going to use this method for, if you can say it. Edit This is not exactly answering the question in the post's title, but I suppose it's relevant to your updated post: Assuming a strong and correctly implemented AES with CBC and IV, and that the attacker can access the table where you store the encrypted master key. There should be little security difference whether you're storing an encrypted master key using itself, or storing the cryptographic hash of the master key. Assuming both the cryptographic hash and AES in CBC mode are equally secure, the strength lies in the strength of the master key. If the master key is weak, even if an attacker cannot get the master key from the cryptographic hash of the master key, he'll be able to get the master key and hence the "certain values" via the "certain values" table. If using a master key to encrypt itself, he can get the master key via the "certain values" table or the master key table. Whether you opt to use the same cipher to encrypt and store the master key or cryptographically hash and store the master key, make sure the master key is strong. Seems like you're writing some open source system. My suggestion is that your system checks any potential master key against a regular expression (or a function), and reject that key if it is deemed to be not strong enough. I hope I have understood your post correctly as well. Disclaimer: I'm not a security expert nor in the security industry.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POIs it safe to encrypt a string using same string as key?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USblizpasta
UserOwnerUserId
1. USblizpasta
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COPlease see edit to my original question.
 singulars
 PostPostId
 PO
 UserUserId
 USwebmaster
2. CO@webmaster: I have updated my post.
 singulars
 PostPostId
 PO
 UserUserId
 USblizpasta
3. CORead it, thank you!
 singulars
 PostPostId
 PO
 UserUserId
 USwebmaster

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.