Re: Decryption Performance

From: Steve Jansen (stj3571-nntp)
Date: 04/26/04 

Date: Mon, 26 Apr 2004 17:53:58 -0400

Aaron,

You also might be interested in accelerator hardware. I'm no expert on
these, but, here is my humble understanding of them.

Assymmetric encryption involves specialized computation, including prime
number algorithms. I have heard anecdotal evidence of statistically
significant performance gains when offloading crypto math processing to
specialized hardware. This hardware is generally available for Windows as a
PCI card, with the program flashed onto an on-board circuit. The
combination of the specialized RISC processor(s) and flash based programming
account for the performance gains.

If you are interested, search for vendors using the phrase "CryptoAPI
acceleration card". So, for a server-based solution, you could provide your
customers with a list of (tested) hardware cards that will boost performance
of your app.

HTH,
Steve

"Aaron" <anonymous@discussions.microsoft.com> wrote in message
news:CF819464-0599-47AF-8E96-5D1C535B9324@microsoft.com...
> Thanks for the replies, Alek and Chris.
>
> First, off, Alek you are correct, I misstated our encryption method. I
coded off of an existing encryption method created by another developer.
When I posted the question, I did not have the source code and could not
verify the encryption method, and I incorrectly called it a SH1 hash
algorithm. We are using the DESCryptoServiceProvider right now, and could
possibly use the TripleDESCryptoServiceProvider. We are coding in VB.NET.
Your suggestions on ways to improve performance were what i was looking for.
>
> Chris for your questions...our software can operate as client/server or
standalone. However, the software is sold to our customers, who install the
application at their sites, so we have no control over them. They may load
the database on a server machine, with other SQL Server databases within
their company. We do not wish their DB admins to be able to get at our data.
We have found that the only way to secure a SQL Server DB in this
circumstance is to install our own instance of SQL Server, which would mean
we would be responsible to patch SQL Server as they come out, which may not
be a desirable option for us (but we are still researching this
possibility).
>
> Thanks for the suggestions.

Relevant Pages

  • Re: SQL or Access DB
    ... As far as encryption goes though... ... with Sql Server you can use SQL DMO and encrypt your stored procedures ... installation - Security was absolutely critical and in most instances, ... > then we create a nice gui around this database and sell it to automotive ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Securing a Folder
    ... Please explain where he can get *hardware based* whole drive encryption free. ... IronKey 1GB secure USB Flash drive | Register Hardware ... DTVaultLock security software for Windows to access encrypted ...
    (alt.privacy)
  • [HV-INFO] Enova hardware encryption: false sense of security
    ... Enova Technology is a manufacturer of the X-Wall ASIC that provides ... transparent IDE/ATA hard disk encryption. ... A critical design flaw makes possible to duplicate hardware tokens and/or ...
    (Bugtraq)
  • Re: Upgrade 2000 to 2005
    ... Real-world stuff I run across with SQL Server: ... So, given your hardware restrictions, here is the tact I would take. ... completely uninstall the SQL 2000 installation. ...
    (microsoft.public.sqlserver.clustering)
  • Re: modulo
    ... cryptography key of some length, and if you use the key to encrypt ... the only way a 512-bit encryption algorithm ... dedicated hardware to attack it will never succeed. ...
    (comp.programming)
Loading