Re: Oracle Encryption
Date: 1998/10/28
Message-ID: <un26gvfw6.fsf_at_us.oracle.com>#1/1
aperez_at_ccs.neu.edu writes:
> To Anyone who may be of help...
Hopefully, I can. :-)
>
> I've just been thrown into this project 2 or 3 days ago, and I'm totally
> new to oracle, so please excuse my dumb questions. We have an Oracle 7.3.4
> server running on a unix server and am going to have a front end in excel on
> WIN 95 machines. I need to make sure that transactions back and forth are
> encrypted. I somewhat understand how it works, but am still confused. I'm
> using SQLNet to communicate. I've heard that SQLNet itself encrypts the data.
> Is this true and/or do i have to activate it or feed it encryption keys? Do I
> need ANO for this part? I also know that Kerberos is going to be put into use
> sometime later. I understand that ANO needs to be installed in order to use
> Kerberos, but I also keep on seeing references to RSA and DES. Are these some
> equivalents to Kerberos? I'm not sure what they are.
We're talking about two different problems here. Fortunately, ANO solves both
problems.
[Quoted] [Quoted] First of all, there's encryption. SQL*Net by itself does not encrypt data. ANO encryption is needed. You don't have to create encryption keys. ANO generates them on the fly through Diffie-Hellman key negotiation. You do have to type in a seed, though. It's just a random string.
There are two encryption algorithms available: RSA RC4 and DES. RC4 has strengths up to 128 bits. DES has strengths up to 56 bits. The exact strength available, though, is subject to U.S. export restrictions.
As to Kerberos support, ANO supports it through an authentication adapter. When you buy ANO, the Kerberos adapter comes on the CD.
Hope this helps,
--
Rick
Rick Wessman
Security and Directory Technologies
Server Technologies
Oracle Corporation
rwessman_at_us.oracle.com
Received on Wed Oct 28 1998 - 00:00:00 CET