Re: 2 Keys decrypts same message

From: Andrew Swallow (am.swallow_at_eatspam.btinternet.com)
Date: 07/07/03


Date: Mon, 7 Jul 2003 17:56:33 +0000 (UTC)


"Jorge" <jbachler@eudoramail.com> wrote in message
news:6dc1ad49.0307070730.5f598756@posting.google.com...
> Thanks for the answers!
>
> My problem is the following, I have a database
> that needs to be encrypted.
> Some of the rows need to be accessed (decrypted)
> by one person and other by another person, etc.
> I'm talking about 1 million rows and 200 users.
>
> My idea is to encrypt using a password for each user,
> but in the case (very probable) that the user
> forgets the password I need to be able to decrypt
> the data encrypted with his/her password.
>
> I don't want to encrypt each row twice (with an admin password
> and user password) because it will be twice the space.
>
> I don't want to use a *master* key to encrypt every
> row, and encrypt this master key with each user password,
> because user passwords can be weak and compromise all the
> data (not only the user one).
>

You are trying to use encryption to solve two problems -
1. Keeping the database secret.
2. Providing users with restricted access rights.

Things become easier if you separate the two things.

Keeping the database secret
=======================

Place the database on its own computer. Use physical
security to protect this computer. The computer needs
lots of disk storage and high speed LAN (Local Area
Network) access.

Physical security may consist of placing the database
computer in a locked room or cabinet. Fit the cabinet with
a nice strong padlock. None of your users need physical
access to this computer.

The users access the database by logging onto their
own computer and communicating via the LAN. Have
their request examined by an access program that
restricts each user to the rows and columns they need.
Any attempt to read other data should be rejected.

Every night (or several times a day) get your computer
operator to copy the database from the main disk
onto an exchangeable hard disk. Keep the backup
disks in the safe deposit box at your bank(s). A
grandfather-father-son arrangement will recycle
the file space. Some exchangeable disks fit into
big slots in the computer, others can be attached
via a USB cable.

Some databases allow you to keep a transaction file
of the day's changes on a third set of disks. If your
main disk goes down get the backup from the bank
and instruct the database software to repeat the
updates.

Depending on your security needs the disks can be
in plain text or encrypted. Encrypting the entire database
under the same key variable is the simplest. The user
communication's key variables should be kept in a
separate file, normally encrypted under a different master
key.

Restricted Access Rights
====================

The users should login on their own computer. This
computer then sets up a secure session with the
database computer. The identification information
permits the access program to determine what
data the user can be granted access to. Depending
on your security requirements the login could just
be a password or could involve entering a key
variable from a floppy disk or memory stick. A
key variable unique to each subscriber permits
the encryption of the data whilst it travels over
the LAN. This is doubly important if your users
have dial up access over the phone or internet.

Andrew Swallow
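
Added example (not part of the original post): a minimal access program of the kind described above, which limits each caller to their own rows and to the columns their role allows, and rejects anything else. The table names, roles and policy are constructed for illustration, and the user name is assumed to come from an already authenticated session.

```python
import sqlite3

# Constructed policy: columns each role may read (hypothetical roles and names).
COLUMN_POLICY = {
    "clerk": {"id", "customer", "balance"},
    "auditor": {"id", "customer", "balance", "notes"},
}

class AccessDenied(Exception):
    """Raised when a request falls outside the caller's rights."""

def build_sample_db():
    """Constructed in-memory data standing in for the database computer."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, role TEXT)")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT,"
               " customer TEXT, balance INTEGER, notes TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "clerk"), ("bob", "auditor")])
    db.executemany("INSERT INTO accounts VALUES (?, ?, ?, ?, ?)", [
        (1, "alice", "Acme", 100, "vip"),
        (2, "alice", "Globex", 250, ""),
        (3, "bob", "Initech", 75, "late payer"),
    ])
    return db

def read_rows(db, user, columns):
    """Return only the caller's own rows, and only permitted columns."""
    found = db.execute("SELECT role FROM users WHERE name = ?", (user,)).fetchone()
    if found is None:
        raise AccessDenied("unknown user")
    allowed = COLUMN_POLICY.get(found[0], set())
    requested = list(columns)
    if not requested or not set(requested) <= allowed:
        raise AccessDenied("column not permitted for role " + found[0])
    # Interpolation is safe here: every name was matched against the allow-list.
    sql = "SELECT {} FROM accounts WHERE owner = ? ORDER BY id".format(
        ", ".join(requested))
    return db.execute(sql, (user,)).fetchall()

if __name__ == "__main__":
    db = build_sample_db()
    print(read_rows(db, "alice", ["id", "balance"]))
    try:
        read_rows(db, "alice", ["notes"])
    except AccessDenied as exc:
        print("rejected:", exc)
```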


