Home » SQL & PL/SQL » SQL & PL/SQL » Encryption (10)
Encryption [message #400239] Mon, 27 April 2009 04:48 Go to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
Hi

I need to create a funtion to encrypt a supplied text. It should also possible to decrypt. It should be fast enough as it has to encrypt millions of records present in tables. Output should be of fixed length.

Any suggestions?

Thank you
Re: Encryption [message #400240 is a reply to message #400239] Mon, 27 April 2009 05:01 Go to previous messageGo to next message
Michel Cadot
Messages: 64132
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
dbms_crypto.

Regards
Michel
Re: Encryption [message #400243 is a reply to message #400240] Mon, 27 April 2009 05:04 Go to previous messageGo to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
But dbms_crypto doesn't give fixed length output. I need output that should have fixed length(50 chars).

thank you
Re: Encryption [message #400245 is a reply to message #400243] Mon, 27 April 2009 05:06 Go to previous messageGo to next message
Michel Cadot
Messages: 64132
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Pad it with what you want...

Regards
Michel
Re: Encryption [message #400246 is a reply to message #400245] Mon, 27 April 2009 05:10 Go to previous messageGo to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
What if , it output already contains more than 50 chars?
padding would work if output is less than 50 chars.
thank you
Re: Encryption [message #400247 is a reply to message #400246] Mon, 27 April 2009 05:12 Go to previous messageGo to next message
ThomasG
Messages: 3189
Registered: April 2005
Location: Heilbronn, Germany
Senior Member
Then it might not be possible. For example, you can't store 300 characters of information in 50 characters.
Re: Encryption [message #400248 is a reply to message #400247] Mon, 27 April 2009 05:14 Go to previous messageGo to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
But input or the plain text is never more than 50 chars.
There should be some way of doing it.

thank you
Re: Encryption [message #400253 is a reply to message #400248] Mon, 27 April 2009 05:51 Go to previous messageGo to next message
Michel Cadot
Messages: 64132
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
There is one point you seem to miss. You cannot (should not) store your encrypted value in a string. Once encrypted, it is no more a string, it is binary data.
So why do you care about the encrypted length? Why this value of 50 and not 64?

Regards
Michel
Re: Encryption [message #400258 is a reply to message #400253] Mon, 27 April 2009 06:28 Go to previous messageGo to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
It is because, i need to store its value in a column of a table. The size of a column is fixed(50 chars, it can't go beyond that).

So i am worried about its length.

thank you
Re: Encryption [message #400259 is a reply to message #400258] Mon, 27 April 2009 06:31 Go to previous messageGo to next message
Michel Cadot
Messages: 64132
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
You didn't answer to the question: why?

Regards
Michel
Re: Encryption [message #400261 is a reply to message #400258] Mon, 27 April 2009 06:40 Go to previous messageGo to next message
JRowbottom
Messages: 5933
Registered: June 2006
Location: Sunny North Yorkshire, ho...
Senior Member
So you are attempting to pick an encryption algorithm based on you database design?

Doesn't that strike you as the wrong way round?
I'd say 'We need to encrypt this data, what encrytpion method shall we use, and once that was decided, I'd see how what sort of datatype I'd need to store the results in.

Why can't you change the size of the column?
Re: Encryption [message #400263 is a reply to message #400261] Mon, 27 April 2009 06:48 Go to previous messageGo to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
I am a developer. And for me size of the column is fixed. I am not allowed to change on size of column. Based on the table a lot of applications are developed and many of them have dependencey on the size of columns.

thank you
Re: Encryption [message #400267 is a reply to message #400263] Mon, 27 April 2009 06:54 Go to previous messageGo to next message
Frank
Messages: 7880
Registered: March 2000
Senior Member
Bullshit.
If lots of applications would depend on it, the encryption method would be well known and not something you have to make up.
Why would other parties insist on using a varchar2(50) column if they cannot read what's in it?
Re: Encryption [message #400269 is a reply to message #400263] Mon, 27 April 2009 06:56 Go to previous messageGo to next message
Michel Cadot
Messages: 64132
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
But currently the field is not encrypted and so you have to change the applications to handle this new situation.
Or make them buy TDE (Transparent Data Encryption).

Regards
Michel
Re: Encryption [message #400273 is a reply to message #400269] Mon, 27 April 2009 07:15 Go to previous messageGo to next message
ThomasG
Messages: 3189
Registered: April 2005
Location: Heilbronn, Germany
Senior Member
Of course, if the requirement is only to "encrypt it, no matter how, no matter why" you could always use ROT13. Very Happy

Re: Encryption [message #400295 is a reply to message #400273] Mon, 27 April 2009 08:00 Go to previous messageGo to next message
maheshmhs
Messages: 93
Registered: October 2008
Location: Nepal
Member
ROT13 is too easy to break. It's very weak to be counted encryption.

thank you
Re: Encryption [message #400297 is a reply to message #400273] Mon, 27 April 2009 08:06 Go to previous message
Frank
Messages: 7880
Registered: March 2000
Senior Member
ThomasG wrote on Mon, 27 April 2009 14:15
Of course, if the requirement is only to "encrypt it, no matter how, no matter why" you could always use ROT13. Very Happy



Or, to make it a tad more difficult to decrypt:
prefix it with 50 X-es and remove everything after position 50
Previous Topic: generic data retention
Next Topic: Query giving ORA-01652 Error
Goto Forum:
  


Current Time: Wed Dec 07 18:18:21 CST 2016

Total time taken to generate the page: 0.07345 seconds