Re: dbms_obfuscation_toolkit...preventing double encryption...

Why don't you encrypt it in the insert statement only.

insert into kris values (encrypt('CCnumber', key1));

Why try workarounds?

Anurag

"alincoln" <alincoln_at_edgewater.com> wrote in message news:3c5e17cb.0310280754.12e2fd1f_at_posting.google.com...
> Hi all,
>
> We are using the dbms_obfuscation_toolkit.DESEncrypt() and
> DESDecrypt() to process credit card data throughout our database...We
> are trying to setup some database functions to handle the
> encrypt/decrypt. What we would like to incorporate into the functions
> is a preventive mechanism that stops data from being encrypted a
> second/third/or more times...
>
> For example...given two home-grown database function encrypt() and
> decrypt() we run the following commands...
>
> <snip>
> create table kris (col1 varchar2(90));
>
> insert into kris values ('A');
> insert into kris values ('AAAAAAAA');
> insert into kris values ('4141414141414141');
> insert into kris values ('515151515151');
> commit;
>
> prompt Original values...
> select * from kris;
> prompt **********************************************************
>
> prompt Update encrypt() step one...
> update kris set col1 = encrypt(col1, 'KEY1');
> select * from kris;
> select decrypt(col1, 'KEY1') from kris;
> prompt **********************************************************
>
> prompt Update encrypt() step two...
> update kris set col1 = encrypt(col1, 'KEY1');
> select * from kris;
> select decrypt(col1, 'KEY1') from kris;
> prompt **********************************************************
> </snip>
>
> Problem is, in step two, the data gets encrypted twice...Anyone know
> of anyway to detect and prevent double/triple/or-more encryption of
> data?
>
> tia,
>
> adym lincoln
> alincoln_at_edgewater.com
Received on Tue Oct 28 2003 - 12:31:43 CST