|
Posted by Volker Hetzer on 12/04/06 17:32
ttt.tas@gmail.com schrieb:
> Thanx Volker fo rteh gr8 help and time :D
>
> actually, i'll be using MSSQL for my DB.
> the problem is as follow, i want to develop some small exe file that
> will read the fields of unencrypted DB and encrypt it field by field.
> actually i'll get this DB from a client and he doesn't want me to view
> the DB content, its already an exisiting one, so i should develop him
> some exe file that he will run on this DB and will encrypt all its
> fields, and not the DB as a whole, so i can then take this DB and work
> on the encrypted fields instead.
>
> this is the whole issue :(
Sounds strange. He basically wants to give you a database where /each/
field is encrypted, i.e. a database full of nonsense?
Why can't he just give you the table structure and let you fill
it with your own test data?
SQLServer surely can export a schema definition?
In any case I suggest you ask in comp.databases.ms-sqlserver. This is
more a database problem than an AES problem. SQLserver has an encryption
API and can do the whole thing (if this is what you really want) at SQL
level. So your client can use a small sql script or transact sql file
to do that.
A further advantage of that approach is that, if something goes wrong,
it was definitely the action of the client and not one of your programs.
I've added comp.databases.ms-sqlserver to the group list so my
posting should show up there too.
As for encryption, I fear there is no easy way to encrypt safely
under the conditions you want. Stream ciphers don't extend the
plaintext but are totally unsafe (i.e. you can easily find out
your clients data) if the stream is reused. If the stream is
not reused, all foreign key relations in your database will break.
So, you'd need to manage the reuse on a per-relation base and this
takes about as much effort as just copying the table structure and
writing a small program to generate test data.
Block ciphers either extend the data or are unsafe.
And both generate binary data which messes up your character and number
columns, bot to mention enumerations. They will also break constraints
if there are any and likely betray to you every field that is NULL.
In short: get the schema definition and write a small program that fills
it with test data.
Lots of Greetings!
Volker
--
For email replies, please substitute the obvious.
[Back to original message]
|