So I'm making a web app where users will upload sensitive data (private finances records), so I want to encrypt one column in one table that holds the value.
The table is "Movement" and the column name is "value".
I've done some research and find out I can use pgcrypto extension.
If I understood correctly, I need to use a public key approach (instead of symmetric) because I want only for the users that created the data to be able to access it.
So, I need to generate a public a private key, using a password, and then encrypt the file using the public key.
Then I can decrypt it using the private key and the password. So I have a couple of questions:
- Where should the the public/private key and the password stored?
- Every user needs their own public/private key and password?
- At which point do this keys/password need to be created? During user creation?