Re: encrypted database

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 58681
interpreted = N
texte = You will need to double-url the encrypted values in your APPEND, and single-unurl them in you FOUNDITEMS. WebDNA performs a single unurl on the values being appended, so with the double-url you are left with a single-url'ed value written to the database, which will avoid dangerous characters being written out. [append db=SomeDatabase.db]name=[url][url][encrypt seed=abcedfg][name][/encrypt][/url][/url]&...[/append] [founditems] [decrypt seed=abcdefg][unurl][name][/unurl][/decrypt]... [/founditems] As for searching, you'd be pretty screwed. You cannot even search with an EQ on seed-encrypted values, as the same seed applied to the same value may result in a different encrypted value. If you encrypt without a seed, you will get a consistent encrypted value but it cannot be decrypted (this lets you compare encrypted passwords, for example, but not retrieve their original decrypted value). I don't know of any way to hide the seed from someone with access to the source code. - brian On Jun 28, 2004, at 2:57 PM, Christophe Billiottet wrote: > Hello! is it safe to encrypt every single data loaded in a WebDNA > database (that may become quite large, +40 meg with time) using > > [Append db=SomeDatabase.db]name=[Encrypt > seed=abcdefg][name][/Encrypt]&address=[Encrypt > seed=abcdefg][address][/Encrypt][/Append] > > and is WebDNA still able to do some searching in the encrypted > database ? what would be the proper way to search? > > > [Search db=SomeDatabase.db&eqNAMEdata=[Encrypt > seed=abcdefg][name][/Encrypt]] > [FoundItems] > [Decrypt seed=abcdefg][Name][/Decrypt], [Decrypt > seed=abcdefg][Address][/Decrypt]
> [/FoundItems] > [/Search] > > also, how to hide the "seed" in the templates in case the disk is > stolen? (requested by the customer) > > Thank you! > chris ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: encrypted database ( Brian Fries 2004)
  2. Re: encrypted database ( Chris 2004)
  3. Re: encrypted database ( Brian Fries 2004)
  4. encrypted database ( Chris 2004)
  5. Re: Encrypted Databases (Tom Duke 2000)
  6. Re: Encrypted Databases (WebDNA Support 2000)
  7. Re: Encrypted Databases (Kenneth Grome 2000)
You will need to double-url the encrypted values in your APPEND, and single-unurl them in you FOUNDITEMS. WebDNA performs a single unurl on the values being appended, so with the double-url you are left with a single-url'ed value written to the database, which will avoid dangerous characters being written out. [append db=SomeDatabase.db]name=[url][url][encrypt seed=abcedfg][name][/encrypt][/url][/url]&...[/append] [founditems] [decrypt seed=abcdefg][unurl][name][/unurl][/decrypt]... [/founditems] As for searching, you'd be pretty screwed. You cannot even search with an EQ on seed-encrypted values, as the same seed applied to the same value may result in a different encrypted value. If you encrypt without a seed, you will get a consistent encrypted value but it cannot be decrypted (this lets you compare encrypted passwords, for example, but not retrieve their original decrypted value). I don't know of any way to hide the seed from someone with access to the source code. - brian On Jun 28, 2004, at 2:57 PM, Christophe Billiottet wrote: > Hello! is it safe to encrypt every single data loaded in a WebDNA > database (that may become quite large, +40 meg with time) using > > [Append db=SomeDatabase.db]name=[Encrypt > seed=abcdefg][name][/Encrypt]&address=[Encrypt > seed=abcdefg][address][/Encrypt][/Append] > > and is WebDNA still able to do some searching in the encrypted > database ? what would be the proper way to search? > > > [Search db=SomeDatabase.db&eqNAMEdata=[Encrypt > seed=abcdefg][name][/Encrypt]] > [founditems] > [Decrypt seed=abcdefg][Name][/Decrypt], [Decrypt > seed=abcdefg][Address][/Decrypt]
> [/FoundItems] > [/Search] > > also, how to hide the "seed" in the templates in case the disk is > stolen? (requested by the customer) > > Thank you! > chris ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Brian Fries

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

PCS Frames (1997) WC2.0 Memory Requirements (1997) WebDNA vs SQL ? (2002) Need help with form (1998) WCS Newbie question (1997) Search results templates (1996) [OT] Stock price charts (2006) Search for 20 finds 2000, 200 Why? (1997) Re:Emailer and encryption (1997) turning every 5th line red (1999) emailer (1997) [convertChars] and HTML Tags (1997) Nested tags count question (1997) different show next (1997) [SearchString] problem with [search] context (1997) Email within tmpl ? (1997) WebCatalog can't find database (1997) Trouble with formula.db (1997) [WebDNA] WebDNA 8.6.4 (2020) EIMS & emailer conflicts? (1999)