Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Encryption using Advanced Encryption Standard (AES)

0 Kudos
663

Hi Colleagues,

We are looking at a use case scenario to encrypt certain personnel data (for e.g. Social Security Number or Bank Account No) using AES algorithm. We would like to encrypt and decrypt the personnel data so that unauthorized user won't be able to see the critical data. I appreciate if you provide certain information on:

Do we have standard SAP functions (ABAP) to encrypt and decrypt the data based on AES 128 algorithm?

If yes, does the functions belong to SAP NW 700 or higher release so that we can use the standard functions for encryption and decryption?

I also undertand that the encryption is not allowed because of German laws but if customer is in APJ region then what is the option to provide encryption using AES? Please let me know if you need more information.

Best regards,
Amit Nagar

2 REPLIES 2

mvoros
Active Contributor
0 Kudos
223

Hi,

SAP provides only one interface that allows you to encrypt/decrypt data. It uses format PKCS#7. For example it's used by SAP to protect credit card details. I would strongly suggest to use this interface. AES in CBC mode is supported. All 3 key sizes are supported. Implementing crypto is really hard and this interface solves almost all issues. Search this forum for more info how to define parameters of encryption plus check function group SSFG.

German law does not have any direct impact on you. There might be some restriction on exporting crypto from Germany but you can definitely use encryption to protect sensitive data. There might be even legal requirements to do it in your country.

Cheers

Former Member
0 Kudos
223

<spam_removed_by_moderator>