Information générale
Catégorie:
Codage, syntaxe et commandes
Versions des environnements
OS:
Windows Server 2012 R2
Network:
Windows Server 2012 R2
Virtual environment:
VMWare
3DES is considered as tough to break as AES256, FWIW. It is slower that AES, but in what you are doing that's likely not a consideration. The standards I've seen accept either.
That said: the current "gold standard" is "always encrypted" -- at rest (in the SQL DB), in memory (in the SQL Engine) and in transmission (over the network). The way it works is that the ODBC driver does the decryption on the client. "Always Encrypted" is the name MS gives this method. I believe (relying on memory) this applies at the table level, not the field level. But since you are working with Fox data, this is only of academic relevance to your question. Anyway, it's pretty much overkill: if someone can break field encryption (for instance by getting your key out of memory) then they will end up with whatever they want. So security efforts are really about keeping the C- and D-team hackers from vacuuming up your data, and encrypting sensitive fields is going to do that with either 3DES or AES256.
Hank
>Hi all,
>
>I have read a few of the threads on encryption and just wanted to get some updated suggestions.
>
>I only need to encrypt a few fields within the entire application - do not need a rewrite of the entire app into SQL server etc. The customer just has a few "sensitive" fields that they would like encrypted.
>
>I have read about Craig Boyd's vfpencryption71.fll and it seems to wrap to all the current encryption standards (correct me if I am wrong) but his blog stops in 2010 so not sure if there are any newly found bugs in this dll that might not be fixed. I have also looked at Rick Strahl's class (which I have) which wraps .net functions and encrypts with TripleDES - in this case, not sure yet if this is secure enough (no guidance from the customer and I just don't know enough about encryption to make the reccommendation).
>
>Are there any other classes etc out there that provide the AES256 encryption mechanisms?
>
>Again, just want to replace the contents of a few fields with an encrypted value.
>
>Thanks,
>Albert
Précédent
Suivant
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement