Results 1 to 5 of 5
  1. #1
    Join Date
    Jan 2003
    Posts
    1,605

    Unanswered: Encryption of data transmitted through network. Is DATA_ENCRYPT strong or weak.

    Hi,
    on DB2 v9.5 fixpack 2 on Linux we have new requirement to have DB2 data encrypted when transmitted through network. I was looking at DB2 product encryption and found out that dbm cfg AUTHENTICATION parameter set to DATA_ENCRYPT could solve the problem (at the moment this parameter is set to SERVER in our case). Like I have read DATA_ENCRYPT value encrypts password, SQLs, variables, DB2 returned data etc. So this could be solution to our problem. What I am wondering right now is, what kind of encryption algorithm, ciphers etc are used for this DATA_ENCRYPT? I don't want to use weak algorithms that can be broken in two hours, so I am wondering if this is strong encryption or not? Is there any detailed article about how encryption is performed if DATA_ENCRYPT value of AUTHENTICATION parameter is used?
    Regards
    Last edited by grofaty; 12-01-11 at 04:00.

  2. #2
    Join Date
    Apr 2006
    Location
    Belgium
    Posts
    2,514
    Provided Answers: 11
    Best Regards, Guy Przytula
    Database Software Consultant
    Good DBAs are not formed in a week or a month. They are created little by little, day by day. Protracted and patient effort is needed to develop good DBAs.
    Spoon feeding : To treat (another) in a way that discourages independent thought or action, as by overindulgence.
    DB2 UDB LUW Certified V7-V8-V9-V9.7-V10.1-V10.5 DB Admin - Advanced DBA -Dprop..
    Information Server Datastage Certified
    http://www.infocura.be

  3. #3
    Join Date
    Jan 2003
    Posts
    1,605
    @przytula_guy: if possible I would not buy additional product. Just wondering how DATA_ENCRYPT works. If it works reasonable fine, like not using some weak encryption that can be hacked in two hours by using brute force attack, then this could be sufficient in our case. It would also be fine not to be too complicated to implement. Any detail how DATA_ENCRYPT works?

  4. #4
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    I don't have a definite answer, but based on this: Security under the IBM Data Server Driver for JDBC and SQLJ - IBM DB2 9.7 for Linux, UNIX, and Windows, there are two options - 56-bit DES (weak) or 256-bit AES (stronger) encryption. You can also develop your own security plugin if you need stronger encryption still.

    Consider also that you can use SSL to secure client-server communications - it is also described in the manual.

  5. #5
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    DATA_ENCRYPT is weak, SSL is strong.

    You can confirm this by looking at the documentation for db2pd and the -applications option.

    Andy

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •