Re: Encryption with BLOBS
This is a discussion on Re: Encryption with BLOBS within the Informix forums, part of the Database Server Software category; --> To add to what Jonathan said... If you're storing the blobs within the database, then you'd want to wrap ...
| |||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-20-2008, 04:35 PM
| ||||
| ||||
 Re: Encryption with BLOBS To add to what Jonathan said... If you're storing the blobs within the database, then you'd want to wrap your insert functionality with an encryption method. As you say, they are probably using version 7. Even under version 10, you'd probably want to use some form of hardware encryption. Depending on the size and number of blobs, you're going to get lousy performance if you're not using hardware. If you are using 10 or higher, you would still be better off not using the AES or TDES encryption routines within the engine. If only because you'll want the speed of hardware encryption. Also you still have the issue of key management, although there are some tricks around that. Note: There's more to encryption that the physical task. ;-) >From: Jonathan Leffler <jleffler@earthlink.net> >To: informix-list@iiug.org >Subject: Re: Encryption with BLOBS >Date: Fri, 18 May 2007 04:53:51 GMT >MIME-Version: 1.0 >Received: from perform.iiug.org ([216.177.38.211]) by >bay0-mc6-f22.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Thu, >17 May 2007 21:55:30 -0700 >Received: from localhost (localhost [127.0.0.1])by perform.iiug.org >(Postfix) with ESMTP id 205C9ADF5;Fri, 18 May 2007 00:55:16 -0400 (EDT) >Received: from perform.iiug.org ([127.0.0.1])by localhost (perform.iiug.org >[127.0.0.1]) (amavisd-new, port 10024)with ESMTP id Y7cRYOh4jx+5; Fri, 18 >May 2007 00:55:14 -0400 (EDT) >Received: by perform.iiug.org (Postfix, from userid 60001)id 8ADBCADEB; >Fri, 18 May 2007 00:55:13 -0400 (EDT) >Received: from perform.iiug.org (localhost [127.0.0.1])by perform.iiug.org >(Postfix) with ESMTP id A8B4EADE3;Fri, 18 May 2007 00:55:05 -0400 (EDT) >X-Message-Info: >LsUYwwHHNt2sDOrsHpp31Ngkt8OdRFGF5E/Zej+wUN3apA800660iQdo3xIwyFvs >X-Virus-Scanned: amavisd-new at iiug.org >Path: >nnrp.xmission!xmission!newsfeed.telusplanet.net!n ewsfeed.telus.net!newscon04.news.prodigy.net!prodi gy.net!newshub.sdsu.edu!elnk-nf2-pas!newsfeed.earthlink.net!stamper.news.pas.earthl ink.net!newsread1.news.pas.earthlink.net.POSTED!90 a49e3f!not-for-mail >Organization: Randomly Disorganized >User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326) >Newsgroups: comp.databases.informix >References: <1179429917.149185.48430@l77g2000hsb.googlegroups. com> >Lines: 24 >NNTP-Posting-Host: 66.245.41.201 >X-Complaints-To: abuse@earthlink.net >X-Trace: newsread1.news.pas.earthlink.net 1179464031 66.245.41.201 (Thu,17 >May 2007 21:53:51 PDT) >NNTP-Posting-Date: Thu, 17 May 2007 21:53:51 PDT >Xref: nnrp.xmission comp.databases.informix:197026 >X-BeenThere: informix-list@iiug.org >X-Mailman-Version: 2.1.6 >Precedence: list >List-Id: "comp.databases.informix" <informix-list.iiug.org> >List-Unsubscribe: ><http://www.iiug.org/mailman/listinfo/informix-list>,<mailto:informix-list-request@iiug.org?subject=unsubscribe> >List-Archive: <http://www.iiug.org/pipermail/informix-list> >List-Post: <mailto:informix-list@iiug.org> >List-Help: <mailto:informix-list-request@iiug.org?subject=help> >List-Subscribe: ><http://www.iiug.org/mailman/listinfo/informix-list>,<mailto:informix-list-request@iiug.org?subject=subscribe> >Errors-To: informix-list-bounces@iiug.org >Return-Path: informix-list-bounces@iiug.org >X-OriginalArrivalTime: 18 May 2007 04:55:30.0598 (UTC) >FILETIME=[C28A4C60:01C79908] > >mark.scranton@gmail.com wrote: > > I have a client that is wondering if anyone has experience with > > encrypted BLOBs and IDS. Anyone? They haven't started using them yet, > > but are wondering about performance implications and other pertinent > > issues, good or bad. > > > > I assume they're v7 blobs btw, not slobs (uh - smartblobs that is...) > >If they are BYTE and TEXT (non-smart blobs), then they aren't encrypted >by standard IDS facilities, so the performance is under their control. > >The version 10 column-level encryption functions can handle any data >type except BYTE and TEXT. > >Assuming you are using BLOB and CLOB types, BLOBs are not Base-64 >encoded, so they grow by a constant amount. CLOBs, on the other hand, >are Base-64 encoded, so (in the limit) they are expanded to about 4/3 >times the original size when encrypted (N bytes input becomes 4N/3 + X >for a modest value of X). > >-- >Jonathan Leffler #include <disclaimer.h> >Email: jleffler@earthlink.net, jleffler@us.ibm.com >Guardian of DBD::Informix v2007.0226 -- http://dbi.perl.org/ >_______________________________________________ >Informix-list mailing list >Informix-list@iiug.org >http://www.iiug.org/mailman/listinfo/informix-list __________________________________________________ _______________ Like the way Microsoft Office Outlook works? You’ll love Windows Live Hotmail. http://imagine-windowslive.com/hotma...i_outlook_0507      |
Linear Mode
