Please be aware that the content in SAP SQL Anywhere Forum will be migrated to the SAP Community in June and this forum will be retired.

Alternate Encryption Methods?

1

I need to encrypt some data, store it in the database, and decrypt it in a client application. I see that SQLA11 has an ENCRYPT() method, which is great, but it only supports AES128 and AES256 encryption. Unfortunately, I can't decrypt using those methods. Is there any other means of encrypting data in SQLA? Perhaps RSA RC4?

asked 04 May '10, 17:12

Jason%20%27Bug%27%20Fenter's gravatar image

Jason 'Bug' ...
158669
accept rate: 50%

One Answer:
active answersoldest answersnewest answerspopular answers
2

SQL Anywhere offers AES and FIPS-approved AES encryption for the database file. For Transport Layer Security we offer RSA, FIPS-approved RSA and ECC encryption for the communication stream between the client application and the database. Is there a specific reason AES encryption for the database and RSA/ECC TLS is not sufficient?

permanent link

answered 04 May '10, 20:28

Josh%20Savill's gravatar image

Josh Savill
510135
accept rate: 27%

1

As a comment, I do not see why calling an encryption method in the application, then inserting encrypted data into the database wouldn't work. Just make sure you using the same method for encrypting/decrypting the data.

(04 May '10, 20:33) Josh Savill

I have one system encrypting the data and a second system decrypting the data. This explanation may require more than one comment so...

The database has an exposed web service for registering customers. The client provides a couple of identifiers. The database validates them and generates a "key". This "key" is passed back to the client through said web service.

The client stores this key locally. The client must be able to decrypt this key and validate the contents. This is to keep someone from simply adding dummy keys to the local data store. That local data store may not be SQLA. (end)

(04 May '10, 23:06) Jason 'Bug' ...

@Jason: Then I think you should use an encryption method that is available outside the database (and wich might be used inside SA by means of an external procedure call). So maybe a classic C-style library might be useful.

(05 May '10, 09:13) Volker Barth
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Question tags:

×48
×46

question asked: 04 May '10, 17:12

question was seen: 2,653 times

last updated: 04 May '10, 20:28

Related questions

best way to encrypt a database

What impact will the switch to OpenSSL have on SQL Anywhere strong encryption?

Does the use of OpenSSL have influences on database encryption?

Password encryption for ODBC

How do I convert a long binary (from ENCRYPT) to a url encoded value?

need to encrypt communication between client and server

simple encryption question

HELLO! What is the minimum privilege for dbbackup -x?

JDBC Java ConnString / EncryptedPassword (ENP) connection parameter

crypto functions and hex strings - am I working too hard?