RE: Data encryption in Oracle 7.x
Must say, the DBMS_OBFUCSICATION_TOOLKIT is actually quite fast. I would highly agree with Jared's recommendation. I have a few PL/SQL procedures I made that call this package to handle encrypting passwords for logins and such and it works really well. -Original Message- Sent: Monday, May 21, 2001 11:22 PM To: Multiple recipients of list ORACLE-L Take a look at my article on encryption on Oracle. It can be found at www.cybcon.com/~jkstill/util It has some solutions ( such as RC4 ) that can be implemented on Oracle 7. There's also a Blowfish implementation there courtesy of Craig Munday. Keep one thing in mind: encryption via PL/SQL is not very fast. Upgrade to Oracle 8 if possible and you will be much better off, as you can then use DBMS_OBFUSCATION_TOOLKIT, or other external encryption libraries. Jared On Monday 21 May 2001 14:22, [EMAIL PROTECTED] wrote: Hello fellow DBA's, I am in a tough situation. I am trying to find an encryption solution for Oracle 7. I know that 8i has DBMS_OBFUSCATION_TOOLKIT, however we don't have 8i :( We are still running 7.3.4 (OS limitations, DOS clients :(. Anyway, did any of you ever have to implement DES or one-way encryption in Oracle 7.x? Anyone of these solutions would help (the problem is that we would like to avoid encryption done in the application due to some limitations of the development environment). Thanks in advance for any help, links, directions... Val Gamerman. -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Jared Still INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Christopher Spence INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Re: Data encryption in Oracle 7.x
Take a look at my article on encryption on Oracle. It can be found at www.cybcon.com/~jkstill/util It has some solutions ( such as RC4 ) that can be implemented on Oracle 7. There's also a Blowfish implementation there courtesy of Craig Munday. Keep one thing in mind: encryption via PL/SQL is not very fast. Upgrade to Oracle 8 if possible and you will be much better off, as you can then use DBMS_OBFUSCATION_TOOLKIT, or other external encryption libraries. Jared On Monday 21 May 2001 14:22, [EMAIL PROTECTED] wrote: Hello fellow DBA's, I am in a tough situation. I am trying to find an encryption solution for Oracle 7. I know that 8i has DBMS_OBFUSCATION_TOOLKIT, however we don't have 8i :( We are still running 7.3.4 (OS limitations, DOS clients :(. Anyway, did any of you ever have to implement DES or one-way encryption in Oracle 7.x? Anyone of these solutions would help (the problem is that we would like to avoid encryption done in the application due to some limitations of the development environment). Thanks in advance for any help, links, directions... Val Gamerman. -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Jared Still INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Re: data encryption
Andor, Gyula schrieb: Hi Gurus ! Is there any standard method to encrypt data? We are making an application that uses application-level privilege system, so we should store passwords for users. Of course we want to store encrypted passwords, but we don't know if is there an existing way for this or try develop own encryption. What do you suggest? Thanks in advance Gyula -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Andor, Gyula INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). --- This Mail has been checked for Viruses Attention: Encrypted Mails can NOT be checked ! *** Diese Mail wurde auf Viren ueberprueft Hinweis: Verschluesselte Mails koennen NICHT geprueft werden! Hi, you can always go with the UNIX crypt() function. That works pretty well ;). Things get more complicated if you want to be able to decrypt the password again. There is a clear distinction when it comes two one-way or two-way encryption. But usually, one-way does it. Actually, Oracle does the same. -- Regards, Stefan Jahnke BOV AG @:D2 Vodafone, Abt.: FIBM AMS-Gebäude: E6 R08 Tel.: 0211/533-4893 -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Stefan Jahnke INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
RE: data encryption
I was wondering if Oracle ever considered incorporating PGP into their databases. I don't know much about the different types of security (e.g. Kerberos etc.), though, so maybe that idea doesn't make any sense. : ) Is it not possible for people to write password encryption procedures in 8.1? You can write your own procedure to verify the complexity of passwords, I am surprised they wouldn't let a site develop their own password encryption scheme. Patrice Boivin Systems Analyst (Oracle Certified DBA) -Original Message- From: Stefan Jahnke [SMTP:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 8:30 AM To: Multiple recipients of list ORACLE-L Subject:Re: data encryption Andor, Gyula schrieb: Hi Gurus ! Is there any standard method to encrypt data? We are making an application that uses application-level privilege system, so we should store passwords for users. Of course we want to store encrypted passwords, but we don't know if is there an existing way for this or try develop own encryption. What do you suggest? Thanks in advance Gyula -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Andor, Gyula INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). --- This Mail has been checked for Viruses Attention: Encrypted Mails can NOT be checked ! *** Diese Mail wurde auf Viren ueberprueft Hinweis: Verschluesselte Mails koennen NICHT geprueft werden! Hi, you can always go with the UNIX crypt() function. That works pretty well ;). Things get more complicated if you want to be able to decrypt the password again. There is a clear distinction when it comes two one-way or two-way encryption. But usually, one-way does it. Actually, Oracle does the same. -- Regards, Stefan Jahnke BOV AG @:D2 Vodafone, Abt.: FIBM AMS-Gebäude: E6 R08 Tel.: 0211/533-4893 -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Stefan Jahnke INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Boivin, Patrice J INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
RE: data encryption
you can always go with the UNIX crypt() function. That works pretty well ;). And what colud we use on WinNT? -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Andor, Gyula INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
Re: data encryption
drop table emp;
create table emp(
EMPNO number primary key,
FIRSTNAME VARCHAR2(30),
SURNAME VARCHAR2(30),
PASSWORD CHAR(32),
PHONE VARCHAR2(32)
);
create or replace trigger emp_encryptpassword
before insert or update of password on emp
for each row
declare
b_in raw(16) := UTL_RAW.CAST_TO_RAW(substr(:new.password, 1, 16));
b_key raw(8) := UTL_RAW.CAST_TO_RAW('EeTe32!!');
b_out raw(32);
begin
dbms_obfuscation_toolkit.DESEncrypt(input =b_in, key =b_key,
encrypted_data =b_out);
:new.password :=rawtohex(b_out);
end;
/
insert into emp values(1,'BOB','SCOTT','Tiger',NULL);
Hi,
Play with that. Add error checking and decrypt with a function or encrypt the
given password and compare the protected strings.
oli
--
Oliver Artelt
Oracle Certified DBA
cubeoffice GmbH Co.KG # jordanstrasse 7 # 39112 magdeburg
telefon: +49 (0)391 6 11 28 10 # telefax: +49 (0)391 6 11 28 19
email: [EMAIL PROTECTED] # web: http://www.cubeoffice.de
[EMAIL PROTECTED] wrote
Hi Gurus !
Is there any standard method to encrypt data? We are making an application
that uses application-level privilege system, so we should store passwords
for users. Of course we want to store encrypted passwords, but we don't
know if is there an existing way for this or try develop own encryption.
What do you suggest?
Thanks in advance
Gyula
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Oliver Artelt
INET: [EMAIL PROTECTED]
Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051
San Diego, California-- Public Internet access / Mailing Lists
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
Re: data encryption
I wrote an article on this that may be of use to you. www.cybcon.com/~jkstill/util Jared On Thursday 03 May 2001 02:35, Andor, Gyula wrote: Hi Gurus ! Is there any standard method to encrypt data? We are making an application that uses application-level privilege system, so we should store passwords for users. Of course we want to store encrypted passwords, but we don't know if is there an existing way for this or try develop own encryption. What do you suggest? Thanks in advance Gyula -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Jared Still INET: [EMAIL PROTECTED] Fat City Network Services-- (858) 538-5051 FAX: (858) 538-5051 San Diego, California-- Public Internet access / Mailing Lists To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
