128, 192, 256bit Encryption

[CDMI - Steve T]

openQM has the above Encryption capabilities
i have a potential client running D3 ver 9.0 on Windows
he needs to 'store' a customer's credit card information for monthly
billing
does D3 have a 128, 192, 256bit Encryption function?
thanks in advance,
Steve T

[Ross Ferris]

Coming with 9.1 - in the meantime, you can encrypt & store outside of
system using windows tools

[Eugene Perry]

Any idea of when 9.1 will be released?

Eugene

[Nathan Rector]

I was looking for my routines that did something like this using OpenSSL
on linux (would work on windows), but it would require you to place the
data to encrypt into a temp file or add it to the command line.

Both of those have different security concerns. I personally use the
temp file approach.

-Nathan

[Ross Ferris]

You would need to contact TL .... and heck, you are closer, so don't
ask me!!

> > > Steve T- Hide quoted text -
>
> - Show quoted text -

[Mark Brown]

D3 has encryption capability but I'm not certain it's "certified" or even certifiable

 

x = "this is some text"

seed = "secret"

y = iconv(seed:@am:x,"u9d')

z = oconv(seed:@am:y,'u9d')

crt x

crt y

crt z

 

The longer the seed, the better.  As I understand it, the 128 is the width of the encrypted packet, so if your seed is 16 bytes long, it'll do 128 bit encryption.

 

I wrote the code and I firmly believe that no one short of the NSA can break it.

 

Mark Brown

[Glen Batchelor]

    Interesting. I just played around with it. Does the encrypted data stay below ASCII 251? I ran the data through a BASE64 encoder/decoder I have in BASIC and it works fine. What is the algorithm?

--
You received this message because you are subscribed to
the "Pick and MultiValue Databases" group.
To post, email to: mvd...@googlegroups.com
To unsubscribe, email to: mvdbms+un...@googlegroups.com
For more options, visit http://groups.google.com/group/mvdbms

-- 
Glen B

[Martin Phillips]

Hi all,

 

Since QM got mentioned in an early posting on this thread, let me answer the question as it applies to QM even though the thread seems to be more concerned with D3.

 

QM provides three levels of AES 128, 192 or 256 bit encryption; entire record, selected fields and ad-hoc data items.

 

Record level encryption, used only internally in hashed files, may result in any character values. Since you can never see the encrypted form, nothing should care about the fact that this might contain characters outside the first 251.

 

Field level encryption, also only used internally, performs an additional data transformation to ensure that the encrypted values can never contain characters from the C0 set ( 0 to 31) or the mark characters. The latter rule is required so that we can still find the marks when extracting fields, values or subvalues.

 

Ad-hoc encryption, probably closest to what this thread seems to be discussing, uses the ENCRYPT() and DECRYPT() functions which allow encryption to be applied to any desired piece of data, whether or not it is part of a data record. This uses the same additional transformation as field level encryption and it is here that elimination of the C0 characters becomes important as it allows the data to be written into files that use, for example, newlines.

 

Incidentally, since the topic came up, QM also has Base64 encoding as a built-in conversion code.

 

 

Martin Phillips
Ladybridge Systems Ltd
17b Coldstream Lane, Hardingstone, Northampton NN4 6DB, England
+44 (0)1604-709200

[Mark Fuller]

(Advertisement) Ok jumping on the band wagon

Reality V14.0/V14.2 also supports 3DES encryption, either via the
ENCRYPT/DECRYPT DataBasic Functions or you can choose to encrypt the
entire file.
It also supports an encrypted tape deck (can be psuedo) using the same
algorithms, enabling you to create an encrypted save for archival
without having to encrypt the data!

Regards
Mark Fuller

On Mar 6, 1:05 am, "Martin Phillips" <martinphill...@ladybridge.com>
wrote:

[Mark Brown]

 

It encrypts whatever you give it: field or record and protects the integrity of the segment mark. everything else comes back in the decrypt.

If I told you the algorithm, it wouldn't be much of a secret, would it.

I added this to Pick back when it WAS Pick, but it was never advertised. While with Pick, I published a list of these "hidden" features on CDP. If anyone has a copy feel free to re-post.

Mark Brown

[dmm]

On Thursday, March 8, 2012 8:20:04 AM UTC+11, Mark Brown wrote:

 

It encrypts whatever you give it: field or record and protects the integrity of the segment mark. everything else comes back in the decrypt.

If I told you the algorithm, it wouldn't be much of a secret, would it.

With all due respect – I’m sure your algorithm is great – this might be a problem for the OP. Auditors, clients ..etc may require that data encryption be done using a known mechanism (eg AES ..etc), where the algorithm has been published, and subjected to significant analysis. The notion of ‘security through obscurity’ might be a difficult sell. I do understand that this might not be a released/public feature.

[Tony Gravagno]

I think companies seeking legal information about a product should ask the product owner.

For many reasons it's not reasonable to ask former employees to post confidential information - especially for an OP who hasn't even asked.

 

dmm wrote:

Mark Brown wrote:

If I told you the algorithm, it wouldn't be much of a secret, would it.

 

...this might be a problem for the OP. Auditors, clients ..etc may require ...

 

[dmm]

Well, excuse me.

[Gene Buckle]

On Thu, 8 Mar 2012, dmm wrote:

>
>
> Well, excuse me.
>
No, no, no. It goes, "Well excuuuuuuuuuse me!"

*laughs*

g.

--
Proud owner of F-15C 80-0007
http://www.f15sim.com - The only one of its kind.
http://www.diy-cockpits.org/coll - Go Collimated or Go Home.
Some people collect things for a hobby. Geeks collect hobbies.

ScarletDME - The red hot Data Management Environment
A Multi-Value database for the masses, not the classes.
http://www.scarletdme.org - Get it _today_!

Buying desktop hardware and installing a server OS doesn't make a
server-class system any more than sitting in a puddle makes you a duck.
[Cipher in a.s.r]