I am trying to encrypt "at rest" a postgresql database (on WINDOWS) and I have followed the steps from this source:
https://www.postgresql.org/message-id/attachment/62301/README.encryption
But when I want to create the encrypted instance using the command:
initdb -K /data/my_pwd_command.sh -D data_encrypted
it says that the option -K illegal. So, I can not pass the encryption key... Could anyone explain why I do not have this option? Or could suggest me another way to encrypt the DB at rest?
That's just the attachment of a post to a PostgreSQL mailing list, it is not the documentation and does not describe an existing feature.
PostgreSQL doesn't support that. There are proprietary solutions (although probably not on Windows), but my recommendation is to simply use an encrypted file system to store the database. Then you have the same effect with less trouble.
Let me add that encrypting database files adds very little security for a high performance price.
Related
I've never done databases before but I know that you can create them on MySQL, the thing is that I want to be able to write/read a database locally and not have to send/receive any information online as it would be too slow for what I need.
Is there a way to create a stand alone database (possibly on MySQL then downloading it) and write/read from it using LUA?
Thanks for any information, as I say, never touched databases.
Yes it is.
You can download sqlite3, which is a simple SQL relational DB. Basically this type of DB is just a file (.db extension), so you can have it locally on you PC and also exchange it between many machines easily.
From a Lua standpoint, what you need is a library to access your DB and I think LuaSQLIte3 is the best option to go with. Check this SO post for a basic example on this.
IMO using lua in conjunction with sqlite3 is one of the best choices when one wants to have a (light) SQL-based DB locally, without the added "complexity" of a more commercially used DB (e.g.postgres).
How can I create an encrypted SQLite database that actually stays encrypted or that I can open afterwards.
I used SQLite2009 Pro Enterprise Manager that "can" create encrypted databases, but after typing in the encryption key they are no longer openable.
I used SQLiteManager from SQLabs to create an encrypted database and while this one can be opened afterwards, this can be done from any SQLite management tool or code without requiring the key I entered.
So, how the heck can you create an encrypted SQLite database please?
I plan to use the database in an Adobe Flex aplication.
Thank you.
SQLite supports integrating encryption but the default open-source SQLite distribution does not support encryption. Encrypted versions of SQLite are only going to be portable across different clients or tools if they all use the same encryption extension.
The SQLite developers themselves distribute a commercial version of SQLite that supports encryption transparently. When this module is used for encryption, the encryption works across platforms and every byte written to the file is encrypted. There is nothing in an encrypted SQLite file stored on disk to even indicate it's a SQLite database. Many tools support this implementation by allowing you to drop in the commercial sqlite.dll file in place of the open-source one.
There are also third party extensions that support encryption. For example, System.Data.SQLite supports encryption but utilizes .NET libraries to do so and thus an encrypted System.Data.SQLite can only be read by another client that also uses System.Data.SQLite (this is on purpose, out of deference to the core SQLite developers and their commercial product).
Adobe AIR 1.5 support encryption. I don't know for sure which mechanism is used though, I searched and couldn't find the answer. It's possible that an AIR encrypted database can only be read with AIR. I don't know definitively either way. However, here is a good starting point for learning about working with encrypted databases is AIR:
http://probertson.com/articles/2008/11/18/air-1_5-encrypted-sqlite-database-how-to/
Re: encrypting an existing database
"Out of curiosity, can a database that was created not encrypted be made so afterwards, when it has all sorts of data in it already?"
You can't encrypt an unencrypted database directly. You can change a database's encryption key using the SQLConnection.reencrypt() method, but it only works on already-encrypted databases:
http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/data/SQLConnection.html#reencrypt()
However, as a workaround you can open multiple databases within a single SQLConnection and you can copy data and structure from one to the other. I've actually written a utility class that uses that technique to allow you to encrypt an unencrypted db:
https://github.com/probertson/air-sqlite/blob/DB-copy-dev/src/com/probertson/data/DBCopier.as
Have a look :http://elromdesign.com/blog/2009/04/16/adobe-air-sqlite-manager-api-for-adobe-air-15-with-password-encryption/
It may help.
I have a program written in Delphi 7, which uses a MS Access 2000 database as the backend.
I have password protected my MS ACCESS 2000 Database file (*.mdb) with a 16 character password consisting of a misture of Numeral, control, UpperCase, and LowerCase characters.
However, it looks like there are a number of programs on the market that claim that the password can be retrieved. What is the purpose of this database password if that is the case? Is there anyway to make it so it is not retrievable? Tighten the encryption so to speak?
thanks
MS Access 2010 uses better encryption and has some other features. SQL Server Compact edition gives you a lot more security but is still appropriate for a desktop app.
Otherwise, go with a server database: mysql, sql server, oracle. Most have free versions.
Is there anyway to make it so it is
not retrievable? Tighten the
encryption so to speak?
It depends; you can either change your database and look for a more secure one (e.g. MS SQL Server Compact Edition), or if you want to stay on MS Access and security of the data is important to you, go for encrypting important fields using a good encryption algorithm (e.g. AES).
If you are going to encrypt your fields, you can do it transparently in Delphi; each DB field in Delphi is derived from TField class, and has two events called OnGetText and OnSetText. OnGetText is fired every time you try to read the field's data, and OnSetText is fired every time you try to write to the field. You can encrypt a field data whenever OnSetText is fired, that way, the encrypted data will be saved in the database. On the other hand, you can decrypt a field data whenever OnGetText is fired, that way, user will always see and work with the decrypted data. The whole process would be transparent to the users.
Of course you should take note that encrypting/ decrypting fields every time they are being read or write has performance drawback depending on number of fields to be encrypted, their size, frequency of reading or writing them, and the encryption algorithm which is used. It's better you just encrypt the important fields.
Another option could be to encrypt the whole MS Access database file, and decrypt it whenever your application is connecting to it, but that way, the file is secure as long as your application is not running; once your application is running and the file is decrypted; the file is exposed to others.
What is the purpose of this database password if that is the case?
It makes people who think Access is a real database feel good about it.
Is there anyway to make it so it is not retrievable?
Stop using Access.
Tighten the encryption so to speak?
Not in Access. However, if you stop using Access and use a real database, you'll find that you can also have real security.
If security is a requirement then you should not be using a Jet database or any other file-sharing database architecture. It's as simple as that.
What is the purpose of this database
password if that is the case?
The purpose is to get people to upgrade to MS SQL Server and buy licenses for that as well. There are things MS will never fix.
On the other hand they have a free version of MS SQL Server which is not so crippled so you don't have to start paying through your nose unless your system will actually grow to need a full MS SQL Server.
However, if you develop systems like that (with no plan and not understanding limitations of the technologies you choose), you are most likely to lock yourself into proprietary features, for better or worse.
EDIT:
Here is quote directly from MS
Note Although the model and
techniques discussed in this article
enhance security, the most secure way
to help protect your Access data is to
store your tables on a server, such as
a computer running Windows SharePoint
Services 3.0 or Microsoft Office
SharePoint Server 2010.
Use crypt aes instead of standard mechanism.
I posted this question on Experts-Exchange as well. This is the kind of answer i was looking for (not critisism). Although this person eventually tells me to switch datbabases, he clearly explains why, without critisism:
DatabaseMX:
As you've discovered, there is essentially no security in an Access db password, prior to A2007. The are 1000's of tools (some free) that can immediately hack an Access password. A2007/10 is using an improved password paradigm ... it's security level is not clear yet.
"Is there anyway to make it so it is not retrievable"
No. It's only slightly better than nothing, depending on your specific environment where the mdb will be used.
"What is the purpose of this database password if that is the case? "
It was just a bad implementation. Period.
With A2003 and prior, the best you can do are a combination of the following:
1) db password
2) Add User Level Security
3) Create an MDE to protect code. But event an MDE can be hacked.
So, IF ... you really need better security, you will need to look at SQL Server or equivalent platform.
mx
We are using Sybase SQL Anywhere 11. We need to encrypt some of our tables in our database. I followed the instruction and did it. We selected the "strong" option with encryptionKey and AES256_FIPS algorithm. But there are something I am not clear about them.
It will require encryptonKey when we create the database, remove the database and start the database server but it will NOT require encryptionKey when we stop the database server and connect to the server to create tables and add data. Why there is NO encryptionKey asked when we connect to it or try to stop the server? I am doing something wrong?
don't know how to test the encryption? I still can see all plain text in the encrypted tables when I use Sybase Central tool. If somebody knows the database user name and password, he/she can connect to the database and read the content without the encryptionKey. is this right?
I can't speak specifically to Sybase's system, but database encryption in general is designed to encrypt at the file system level to prevent backdoor access to the database's data (i.e. reading the binary file and parsing it yourself rather than going through the RDBMS), not to prevent access or obfuscate data through the standard database interface (it's expected that you'll use your RDBMS's security mechanisms to do this).
Most likely the SQL Anywhere tool captures the encryption key when you first enter it (i.e. at server startup) and then stores it in memory to decrypt for other operations. As #Adam Robinson said, the data needs to be encrypted in the filesystem or there's a back door by taking the "analog solution" and just parsing the raw file, which is a nice segue to your second question...
If you want to test the encryption, try locating and opening the file outside of the Sybase tools and see if you can spot any identifiable data. I would start with a simple text search for a string (create a cell with a unique string you can search for) and make sure its not there in the encrypted file. To verify, you could also parse a non-encrypted version of the database and make sure that you can find the string there.
I have a desktop application that needs to read data from a database, both installed on client computer.
That data in database must be encrypted, to deny client access, and protect data.
I need to know what kind of database to use that can supports encryption, because the amount of data in some tables will be very huge, I will need efficiency too.
I read some about this on web and perhaps SQL Server Compact Edition will be a good choice.
Can someone help me with this point?
Thanks
SQL Server 2008 includes a feature called Transparent Data Encryption which may do what you need. I don't know if Compact Edition contains this feature. A little googling with those keywords should get you started. I don't normally advocate using SQL Server, but in this case I'm not aware of any similar features from other DB vendors (but they must exist...).
That said, what do you hope to gain by encrypting the data? If this is entirely client-side, then the client is going to have the key to decrypt the data. At best, you're making a slight hurdle for people to get at your database contents. It won't be secure by any meaningful definition.
You cannot prevent a determined attacker from accessing the decryption key and accessing the database. This is effectively a copy-protection scheme, and they are all broken.
Update: The question states, "That data in database must be encrypted, to deny client access, and protect data." If the client has access to any application that can access the database, he has access to the key used by the application, and can bypass the application to access the database directly.
If the inescapable logic has no appeal, consider the anecdotal evidence of failed copy-protection schemes attempted to protect music, games, and other digital assets.
SQLite has an Encryption Extension (SEE) that allows an application to read and write encrypted database files: http://www.hwaci.com/sw/sqlite/see.html
This DB may be a good fit for a desktop application, and is widely used. For example, I believe FireFox uses it internally.
SQL Server CE has no support for encryption whatsoever. You can at best encrypt the database file using the host OS encryption facilities. The file level encryption does not work for databases because to read page X in the file one has to decrypt all pages 1...X-1 to get the encryption key in the appropriate state (reach the proper CBC block state). BitLocker on the other hand works fine as it can decrypt/encrypt pages in the file individually. But BitLocker is a partition level option, not file level. These general considerations apply to any plan to encrypt the entire database file, irrelevant of the product involved (SQL CE, SQL Express, MySQL, Access, anything).
SQL Server has database level encryption. The easiest to use is TDE, Transparent Data Encryption but this requires Enterprise Edition. The other option is to use the cryptographic functions and manage the encryption yourself. Hardly easy to use, but is available in the free Express edition.
Might I recommend SQLCipher? It's a free and open-source implementation of SQLite that supports transparent, page-level encryption. It's similar to SEE, it's under active development, and has experimental support for a number of different ciphers, as it uses OpenSSL for some of its implementation. Full disclosure: I'm one of the developers! We've got a tutorial on using it in iPhone applications that will give you a basic idea of how it works, and there's a comment thread that expands on some related topics. Obviously, using it in Visual Studio will be a tad different than XCode, but you should be able to hook up the linking and get it going in a Windows environment.