The database of my web app stores sensitive data. An attacker shouldn't have access to this data if he gains access to the database. That's why I want to encrypt this sensitive data in the database.
First I wanted to encrypt the user's data with the user's username or password as the key. The problem with this approach is that the user is able to change his username and password. If the user changes his username, the application can no longer decrypt the data that was encrypted with his old username. Also, the attacker has access to the user's username. Thus this wouldn't be a very secure solution.
The only other idea I have is to encrypt all user data with one global key. One drawback of this is that the whole system relies on one key. In this scenario I'm not able to change the key, because the old data would be incompatible with the new key.
Do you have any better ideas on this problem?
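As an added worked example (not part of the question above, and not code from any particular project), the following Go program shows the envelope-encryption layout that is normally used to address the "one global key that can never be rotated" problem raised in the post: each user's data is encrypted under a random per-user data key (DEK), and only that small DEK is encrypted under a versioned master key-encryption key (KEK). Rotating the KEK then means re-wrapping 32-byte DEKs, not re-encrypting the data itself. The `UserRecord` and `KeyRing` types, the version numbering, and the sample plaintexts are all hypothetical and constructed for this example; the cipher is AES-256-GCM from Go's standard library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// UserRecord is a hypothetical row layout (example only): the sensitive data is
// encrypted under a random per-user DEK, and the DEK is stored only wrapped by
// the master KEK whose version is recorded in KEKVersion.
type UserRecord struct {
	KEKVersion int
	WrappedDEK []byte // nonce || AES-256-GCM ciphertext of the 32-byte DEK
	Ciphertext []byte // nonce || AES-256-GCM ciphertext of the user data
}

// KeyRing holds every KEK version still allowed to unwrap; Current wraps new DEKs.
type KeyRing struct {
	KEKs    map[int][]byte
	Current int
}

func newKey() ([]byte, error) {
	k := make([]byte, 32) // 256-bit key
	_, err := rand.Read(k)
	return k, err
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts with AES-GCM under key, using a fresh random nonce that is prepended.
func seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// unseal reverses seal; a wrong key or any tampering fails the GCM authentication.
func unseal(key, sealed []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

func NewKeyRing() (*KeyRing, error) {
	kek, err := newKey()
	if err != nil {
		return nil, err
	}
	return &KeyRing{KEKs: map[int][]byte{1: kek}, Current: 1}, nil
}

// Rotate installs a fresh KEK as Current; older versions stay valid until Retire.
func (r *KeyRing) Rotate() error {
	kek, err := newKey()
	if err != nil {
		return err
	}
	r.Current++
	r.KEKs[r.Current] = kek
	return nil
}

// Retire drops a KEK version; records still wrapped under it become unreadable.
func (r *KeyRing) Retire(version int) { delete(r.KEKs, version) }

// EncryptUserData generates a per-user DEK, encrypts the data under it, and wraps
// the DEK under the current KEK. The plaintext DEK is never stored.
func EncryptUserData(r *KeyRing, plaintext []byte) (*UserRecord, error) {
	dek, err := newKey()
	if err != nil {
		return nil, err
	}
	ct, err := seal(dek, plaintext)
	if err != nil {
		return nil, err
	}
	wrapped, err := seal(r.KEKs[r.Current], dek)
	if err != nil {
		return nil, err
	}
	return &UserRecord{KEKVersion: r.Current, WrappedDEK: wrapped, Ciphertext: ct}, nil
}

// DecryptUserData unwraps the DEK with the KEK version recorded on the row.
func DecryptUserData(r *KeyRing, rec *UserRecord) ([]byte, error) {
	kek, ok := r.KEKs[rec.KEKVersion]
	if !ok {
		return nil, fmt.Errorf("KEK version %d retired; record was never rewrapped", rec.KEKVersion)
	}
	dek, err := unseal(kek, rec.WrappedDEK)
	if err != nil {
		return nil, err
	}
	return unseal(dek, rec.Ciphertext)
}

// RewrapToCurrent moves a record onto the current KEK by re-encrypting only the
// DEK; the data ciphertext is left untouched, so rotation cost is per-row constant.
func RewrapToCurrent(r *KeyRing, rec *UserRecord) error {
	kek, ok := r.KEKs[rec.KEKVersion]
	if !ok {
		return fmt.Errorf("KEK version %d retired", rec.KEKVersion)
	}
	dek, err := unseal(kek, rec.WrappedDEK)
	if err != nil {
		return err
	}
	wrapped, err := seal(r.KEKs[r.Current], dek)
	if err != nil {
		return err
	}
	rec.WrappedDEK, rec.KEKVersion = wrapped, r.Current
	return nil
}

func main() {
	r, _ := NewKeyRing()
	rec, _ := EncryptUserData(r, []byte("constructed sample: ssn=123-45-6789"))
	_ = r.Rotate()
	_ = RewrapToCurrent(r, rec)
	r.Retire(1)
	pt, err := DecryptUserData(r, rec)
	fmt.Printf("after rotation: %q err=%v\n", pt, err)
}
```

Because the DEK is random and never derived from the username or password, a change of either credential does not affect the stored ciphertext; the same re-wrap step would apply if the DEK were additionally wrapped under a password-derived key. Note that the KEK still has to live outside the database (an HSM, KMS or at least a separate host), otherwise an attacker with the database has both the wrapped keys and the key that unwraps them.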