I have an application where I want to be able to encrypt large amounts
of text before storing them to my DB (MySQL Text field - might be
switched to a Blob). I have an idea of how to do this, but was
wondering what the general consensus is within the community regarding
I have come across a couple different plug ins/gems (Stringbox,
EzCrypto), but am wondering what other people are using. I like the
idea of using Symmetric-key cryptography (and in particular, I would
like to be using Twofish), and then probably encrypting the random
password and IV for each encryption using a public key scheme.
I guess I am wondering what other people's response to such an
approach is, and whether or not there are suggestions for other
approaches. My main concern with the approach noted above is how to
secure the private key used to encrypt the key and IV used to encrypt
the actual text.
I am also wondering if using Twofish is possible with a Rails app.
From what I have seen in the openSSL documentation, only Blowfish -
the predecessor to Twofish - is availble, or AES.
Looking forward to hearing any feedback.