Hi,
on DB2 v9.5 fixpack 2 on Linux we have new requirement to have DB2 data encrypted when transmitted through network. I was looking at DB2 product encryption and found out that dbm cfg AUTHENTICATION parameter set to DATA_ENCRYPT could solve the problem (at the moment this parameter is set to SERVER in our case). Like I have read DATA_ENCRYPT value encrypts password, SQLs, variables, DB2 returned data etc. So this could be solution to our problem. What I am wondering right now is, what kind of encryption algorithm, ciphers etc are used for this DATA_ENCRYPT? I don't want to use weak algorithms that can be broken in two hours, so I am wondering if this is strong encryption or not? Is there any detailed article about how encryption is performed if DATA_ENCRYPT value of AUTHENTICATION parameter is used?
Regards

there is also a specific product for this
IBM Database Encryption Expert for encryption of data at rest - IBM DB2 9.7 for Linux, UNIX, and Windows

@przytula_guy: if possible I would not buy additional product. Just wondering how DATA_ENCRYPT works. If it works reasonable fine, like not using some weak encryption that can be hacked in two hours by using brute force attack, then this could be sufficient in our case. It would also be fine not to be too complicated to implement. Any detail how DATA_ENCRYPT works?

I don't have a definite answer, but based on this: Security under the IBM Data Server Driver for JDBC and SQLJ - IBM DB2 9.7 for Linux, UNIX, and Windows, there are two options - 56-bit DES (weak) or 256-bit AES (stronger) encryption. You can also develop your own security plugin if you need stronger encryption still.

Consider also that you can use SSL to secure client-server communications - it is also described in the manual.

DATA_ENCRYPT is weak, SSL is strong.

You can confirm this by looking at the documentation for db2pd and the -applications option.

Andy