Solved: Does the use of OpenSSL have influences on databas...

VolkerBarth · ‎2013 Nov 08

The CR Number 749256 notifies about changes to strong encryption - now achieved using OpenSSL, as of 16.0.1670 and 12.0.1.3977.

Does that also have any implications on pure database encryption (DBKEY=...) and the ENCRYPT()/DECRYPT() functions, which only do use symmetric encryption - and when not using FIPS mode?

The note is surely long but leaves these questions open, methinks.

graeme_perrow · ‎2013 Nov 08

My apologies, I meant to ask and answer a question similar to this preemptively, but I did not. The short answer is no, there is no effect on database encryption or the encrypt() or decrypt() functions. Databases that were encrypted before can still be read, and data that was encrypted using encrypt() with Certicom can be decrypted using decrypt() with OpenSSL.

In fact, other than using FIPS, database encryption is not affected by this because we use our own implementation of the AES algorithm. When using FIPS (i.e. creating a database and specifying 'AES_FIPS' or 'AES256_FIPS' as the algorithm), the OpenSSL library is now used, whereas before it was Certicom.

In a nutshell, the encryption and hashing algorithms are exactly the same, and so it makes no difference who implements them.

There are incompatibilities with TLS communication encryption but again, only when using FIPS. I will outline those in a different question.

Does the use of OpenSSL have influences on database encryption?

Know the answer?

Need more details?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (0)

Re: Crystal Reports 2025 trial download

Re: CAP - JAVA action and function

Re: CAP - JAVA action and function

Re: SOST emails sent from which program

Re: SOST emails sent from which program