Re: encrypted database

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 58681
interpreted = N
texte = You will need to double-url the encrypted values in your APPEND, and single-unurl them in you FOUNDITEMS. WebDNA performs a single unurl on the values being appended, so with the double-url you are left with a single-url'ed value written to the database, which will avoid dangerous characters being written out. [append db=SomeDatabase.db]name=[url][url][encrypt seed=abcedfg][name][/encrypt][/url][/url]&...[/append] [founditems] [decrypt seed=abcdefg][unurl][name][/unurl][/decrypt]... [/founditems] As for searching, you'd be pretty screwed. You cannot even search with an EQ on seed-encrypted values, as the same seed applied to the same value may result in a different encrypted value. If you encrypt without a seed, you will get a consistent encrypted value but it cannot be decrypted (this lets you compare encrypted passwords, for example, but not retrieve their original decrypted value). I don't know of any way to hide the seed from someone with access to the source code. - brian On Jun 28, 2004, at 2:57 PM, Christophe Billiottet wrote: > Hello! is it safe to encrypt every single data loaded in a WebDNA > database (that may become quite large, +40 meg with time) using > > [Append db=SomeDatabase.db]name=[Encrypt > seed=abcdefg][name][/Encrypt]&address=[Encrypt > seed=abcdefg][address][/Encrypt][/Append] > > and is WebDNA still able to do some searching in the encrypted > database ? what would be the proper way to search? > > > [Search db=SomeDatabase.db&eqNAMEdata=[Encrypt > seed=abcdefg][name][/Encrypt]] > [FoundItems] > [Decrypt seed=abcdefg][Name][/Decrypt], [Decrypt > seed=abcdefg][Address][/Decrypt]
> [/FoundItems] > [/Search] > > also, how to hide the "seed" in the templates in case the disk is > stolen? (requested by the customer) > > Thank you! > chris ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: encrypted database ( Brian Fries 2004)
  2. Re: encrypted database ( Chris 2004)
  3. Re: encrypted database ( Brian Fries 2004)
  4. encrypted database ( Chris 2004)
  5. Re: Encrypted Databases (Tom Duke 2000)
  6. Re: Encrypted Databases (WebDNA Support 2000)
  7. Re: Encrypted Databases (Kenneth Grome 2000)
You will need to double-url the encrypted values in your APPEND, and single-unurl them in you FOUNDITEMS. WebDNA performs a single unurl on the values being appended, so with the double-url you are left with a single-url'ed value written to the database, which will avoid dangerous characters being written out. [append db=SomeDatabase.db]name=[url][url][encrypt seed=abcedfg][name][/encrypt][/url][/url]&...[/append] [founditems] [decrypt seed=abcdefg][unurl][name][/unurl][/decrypt]... [/founditems] As for searching, you'd be pretty screwed. You cannot even search with an EQ on seed-encrypted values, as the same seed applied to the same value may result in a different encrypted value. If you encrypt without a seed, you will get a consistent encrypted value but it cannot be decrypted (this lets you compare encrypted passwords, for example, but not retrieve their original decrypted value). I don't know of any way to hide the seed from someone with access to the source code. - brian On Jun 28, 2004, at 2:57 PM, Christophe Billiottet wrote: > Hello! is it safe to encrypt every single data loaded in a WebDNA > database (that may become quite large, +40 meg with time) using > > [Append db=SomeDatabase.db]name=[Encrypt > seed=abcdefg][name][/Encrypt]&address=[Encrypt > seed=abcdefg][address][/Encrypt][/Append] > > and is WebDNA still able to do some searching in the encrypted > database ? what would be the proper way to search? > > > [Search db=SomeDatabase.db&eqNAMEdata=[Encrypt > seed=abcdefg][name][/Encrypt]] > [founditems] > [Decrypt seed=abcdefg][Name][/Decrypt], [Decrypt > seed=abcdefg][Address][/Decrypt]
> [/FoundItems] > [/Search] > > also, how to hide the "seed" in the templates in case the disk is > stolen? (requested by the customer) > > Thank you! > chris ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Brian Fries

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebCat/CyberStudio Compatibility (1998) Shownext never shows next...still (1997) webcat- multiple selection in input field (1997) Search in 2 or more catalogs (1997) Am on the list? (1997) [WebDNA] Procedures to update to OSX Yosemite (2014) Protect vs Authenicate (1997) Search multiple fields (1997) emailer truncates last letter! (1997) What is wrong here? (2000) Add - optional parameters textA=.... (1997) PCS Frames (1997) SKU lookup (1997) WebCat2b13MacPlugin - [math][date][/math] problem (1997) Simple way to create unique SKU (1997) send mail problem? (1997) searchable list archive (1997) hiding links (1999) Webcat and Sybase on OSX...anyone doing this currently? (2003) Memory Error message (1998)