Re: encrypted database

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 58681
interpreted = N
texte = You will need to double-url the encrypted values in your APPEND, and single-unurl them in you FOUNDITEMS. WebDNA performs a single unurl on the values being appended, so with the double-url you are left with a single-url'ed value written to the database, which will avoid dangerous characters being written out. [append db=SomeDatabase.db]name=[url][url][encrypt seed=abcedfg][name][/encrypt][/url][/url]&...[/append] [founditems] [decrypt seed=abcdefg][unurl][name][/unurl][/decrypt]... [/founditems] As for searching, you'd be pretty screwed. You cannot even search with an EQ on seed-encrypted values, as the same seed applied to the same value may result in a different encrypted value. If you encrypt without a seed, you will get a consistent encrypted value but it cannot be decrypted (this lets you compare encrypted passwords, for example, but not retrieve their original decrypted value). I don't know of any way to hide the seed from someone with access to the source code. - brian On Jun 28, 2004, at 2:57 PM, Christophe Billiottet wrote: > Hello! is it safe to encrypt every single data loaded in a WebDNA > database (that may become quite large, +40 meg with time) using > > [Append db=SomeDatabase.db]name=[Encrypt > seed=abcdefg][name][/Encrypt]&address=[Encrypt > seed=abcdefg][address][/Encrypt][/Append] > > and is WebDNA still able to do some searching in the encrypted > database ? what would be the proper way to search? > > > [Search db=SomeDatabase.db&eqNAMEdata=[Encrypt > seed=abcdefg][name][/Encrypt]] > [FoundItems] > [Decrypt seed=abcdefg][Name][/Decrypt], [Decrypt > seed=abcdefg][Address][/Decrypt]
> [/FoundItems] > [/Search] > > also, how to hide the "seed" in the templates in case the disk is > stolen? (requested by the customer) > > Thank you! > chris ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: encrypted database ( Brian Fries 2004)
  2. Re: encrypted database ( Chris 2004)
  3. Re: encrypted database ( Brian Fries 2004)
  4. encrypted database ( Chris 2004)
  5. Re: Encrypted Databases (Tom Duke 2000)
  6. Re: Encrypted Databases (WebDNA Support 2000)
  7. Re: Encrypted Databases (Kenneth Grome 2000)
You will need to double-url the encrypted values in your APPEND, and single-unurl them in you FOUNDITEMS. WebDNA performs a single unurl on the values being appended, so with the double-url you are left with a single-url'ed value written to the database, which will avoid dangerous characters being written out. [append db=SomeDatabase.db]name=[url][url][encrypt seed=abcedfg][name][/encrypt][/url][/url]&...[/append] [founditems] [decrypt seed=abcdefg][unurl][name][/unurl][/decrypt]... [/founditems] As for searching, you'd be pretty screwed. You cannot even search with an EQ on seed-encrypted values, as the same seed applied to the same value may result in a different encrypted value. If you encrypt without a seed, you will get a consistent encrypted value but it cannot be decrypted (this lets you compare encrypted passwords, for example, but not retrieve their original decrypted value). I don't know of any way to hide the seed from someone with access to the source code. - brian On Jun 28, 2004, at 2:57 PM, Christophe Billiottet wrote: > Hello! is it safe to encrypt every single data loaded in a WebDNA > database (that may become quite large, +40 meg with time) using > > [Append db=SomeDatabase.db]name=[Encrypt > seed=abcdefg][name][/Encrypt]&address=[Encrypt > seed=abcdefg][address][/Encrypt][/Append] > > and is WebDNA still able to do some searching in the encrypted > database ? what would be the proper way to search? > > > [Search db=SomeDatabase.db&eqNAMEdata=[Encrypt > seed=abcdefg][name][/Encrypt]] > [founditems] > [Decrypt seed=abcdefg][Name][/Decrypt], [Decrypt > seed=abcdefg][Address][/Decrypt]
> [/FoundItems] > [/Search] > > also, how to hide the "seed" in the templates in case the disk is > stolen? (requested by the customer) > > Thank you! > chris ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Brian Fries

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[WebDNA] current thinking on architecture of mass email scripts? (2011) [WebDNA] grep again (2010) Cookies (1999) Mozilla/4. and Browser Info.txt (1997) WebCat2: Formulas.db question (1997) [protect admin] (1997) RequiredFields template (1997) ListVariables Problem (2003) Signal Raised (1997) Using Plug-In while running 1.6.1 (1997) [OT] Bush's Cyberensive (2003) Webmessage Hyperboard (1998) Help name our technology! I found it (1997) WebCat2b13MacPlugIn - [include] (1997) Wanted how to (1-2-3) (1999) New public beta available (1997) Re:Emailer tracking (1997) using showpage and showcart commands (1996) Cancel Subscription (1996) Fwd: virtual domain and [listfile] paths and aliases (1998)