Well, Like I said, I'm a newbie at this. This is something we have to do for
our customers and are playing it by ear. Actually, the key is stored in a
database which is inaccessable without the right passwords. If you have any
suggestions on how I should go about doing this, I am interested.
Basically, all I need to do is encrypt data before I store it in a database,
I don't really care what method I use, it just needs to be effiecient. I am
on a platform that is VERY short on cpu power so the overhead of our initial
method is unacceptable.
Thanks,
-Pete
On September 20, 2001 11:53 am, Michael Sierchio wrote:
> Peter Osborne wrote:
> > Hello All,
> >
> > I'm a newbie at all of this so bear with me. The company I work for needs
> > to encrypt data before it is stored in a database. Currently, how we are
> > doing this is by writing the data to a file, encrypting the data with the
> > openssl command line utility (openssl enc -rc4 -in file1 -out file2 -pass
> > file:sslkey -e), reading the data out of the file and writing it back
> > into the database.
>
> I am a big fan of stream ciphers, but not for storing data. I'd use
> DES-EDE-3K for long term storage. Possibly AES-CBC-256
>
> > We would like to use the ssl libraries to do all this and scip all the
> > file stuff & command line utilites but I don't know where to start. Does
> > anyone know where I can find some sample code that does simple file
> > encryption/decryption using just a file as the key?
>
> I'm unclear by what you mean by the last phrase. How do you intend to
> use a file as the key? Do you mean storing the contents of the key
> in a file? Unencrypted? Why bother with encryption, if that's the case?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
