There is a similar discussion on stackoverflow about encrypting and decrypting in SA16 where it works with minor issues, but there I have a more specific and problematic question: I do understant why SA12 can not decrypt stuff encrypted in other systems, because it does not has the capability of setting up specific parameters, but what about the other way around, decrypting stuff in C# encrypted in SA12 or earlier? All I know from SA12 documentation is that it uses Rijndael algorithm and has a random IV and the size 128 or 256 can be specified, but I do not know the padding, the cipher mode and am not sure about the data rawness format.

So long story short: Is it possible to decrypt data encrypted in SA12 outside of the database?

asked 21 Mar '14, 03:04

Valdas's gravatar image

Valdas
28791222
accept rate: 80%


No, it is not possible in v12. The algorithm itself is AES, but the way we break the data up into blocks for encryption, the IV we use, and the way we store the encrypted data are all proprietary and unpublished.

permanent link

answered 21 Mar '14, 06:38

Graeme%20Perrow's gravatar image

Graeme Perrow
8.5k371109
accept rate: 52%

Thank you for clarification.

(21 Mar '14, 09:01) Valdas

While I can't tell the details, here's a link to an older similar question from the NNTP archives:

@sybase.com/>">Is encrypt function algorithm true AES

EDIT: Unfortunately, the link seems to be rendered incorrectly because of the contained "@", I suspect), so I paste it as pure text...here

nntp-archive.sybase.com/nntp-archive/action/article/<42d81576.5b5e.1681692777@sybase.com>

In my understanding, that would mean the encryption/decryption with v12 and below is done in a proprietary fashion and cannot be decrypted/encrypted externally.

You may however go the opposite way and use an external crypto lib within SQL Anywhere via the external call interface and make sure that way that encryption/decryption within and outside the database are compatible.

As to the IV: AFAIK, before v10.0.1 there was no random IV used, v10.0.1 introduced a database option (i.e. the "encrypt_aes_random_iv database option) to use a random IV on demand, and v11 and above will always use a random IV.

permanent link

answered 21 Mar '14, 04:56

Volker%20Barth's gravatar image

Volker Barth
30.8k308456665
accept rate: 32%

edited 21 Mar '14, 05:03

@Graeme: Aside: Can you tell me why my cited NNTP archive link won't be displayed accordingly, and what I would need to correct that?

(21 Mar '14, 06:59) Volker Barth
Replies hidden

Even by looking at the original link you posted, I can't get to the right page. nntp-archive.sybase.com is pointing me at the web site for a law school in Florida so something weird is going on. But something's wrong with the URL to begin with - angle brackets are not allowed in a URL.

(21 Mar '14, 08:27) Graeme Perrow

Hm, for me (and FF 27.1) that exact link does show the desired page, as can be seen here:

alt text

And it's also the link I get when I search for "Is encrypt function algorithm true AES" with Google - though there the angle brackets are encoded with "%3C" and "%3E". Weird.

The following is just a test whether the link works when angle brackets and the at sign are encoded...:

nntp-archive.sybase.com/nntp-archive/action/article/%3C42d81576.5b5e.1681692777%40sybase.com%3E

EDIT: Apparently, that won't work either though the preview seems to display the link itself correctly.

So linking to the NNTP archives seems somewhat errorprone here... - possibly that will raise a general question:(

(21 Mar '14, 08:49) Volker Barth
Replies hidden

Nope, I still get a 404. Tried with FF 27.0 and 28.0 as well as Chrome 33.0, IE 9, and IE 11. I think the web server is having trouble - a Google search for "sybase nntp encryption function algorithm true aes" finds the page, with the same URL as you posted, but I still get a 404 when I click on it.

(21 Mar '14, 08:58) Graeme Perrow
Comment Text Removed

Do you also get a 404 if you add the "%3E" which seem to be omitted from the displayed link? For me, this shows the cited page.

(21 Mar '14, 09:07) Volker Barth

Volker: Your links work... if we use them on an 'outside' internet connection (i.e. the problem that Graeme is seeing appears to be related to the internet proxy)

(21 Mar '14, 09:18) Mark Culp

The 404 has to do with the SAP proxy. Without that, I do see the right page.

(21 Mar '14, 09:20) Graeme Perrow

So your employer wants you to have a look at a web site for a law school in Florida instead of the own old archives - hm, what am I supposed to think of that?

(21 Mar '14, 10:20) Volker Barth
showing 2 of 8 show all flat view
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×412
×33

question asked: 21 Mar '14, 03:04

question was seen: 2,372 times

last updated: 21 Mar '14, 10:20