|
|
|
New Technique Eases Encryption for Databases
By: Brian Prince
2008-03-19
Article Rating: / 59
There are 4 user comments on this Network Security & Hardware story.
Voltage Security offers to make deploying encryption at the database level less painful with a technique called Format-Preserving Encryption.Shocking the encryption market is not easy to do, but officials at Voltage
Security must hope their new approach to encryption will do exactly that.
The company's flagship SecureData product uses a cryptographic technique Voltage
Security calls Format-Preserving Encryption. SecureData was first released to
the public in fall of 2007, though the company waited until now to speak about
it publicly.
The overall aim of the approach is to ease the process of encrypting databases.
Unlike traditional algorithms that expand data into binary fields,
Format-Preserving Encryption, or FPE, allows encrypted data to keep its
original format on a character-by-character basis, so that the data fits in
existing fields and there is no need for database schema changes. It also
preserves referential integrity, which enables encryption of foreign and
indexed keys and ensures internal consistency in masked data, company officials
said.
With other approaches to encryption, a nine-digit Social Security
number or a 16-digit credit card number, when encrypted using regular AES,
produces binary blocks of data much larger than nine or 16 digits. Longer
strings require changes to the database size, which means database schema
changes.
Click here for eWEEK's Security Dictionary.
"The encrypted data can be stored in place, without any database schema
changes, and all to the same strength as 256-bit AES
[Advanced Encryption Standard]," said Mark Bower, director of information
protection solutions at Voltage Security. "Any information thief would
assume they are accessing the actual, correct numbers. However, obtaining this
data will yield them nothing."
Implementing FPE also eliminates the cost and effort of dealing
with applications affected by schema changes, Bower said.
"If you look at the data privacy problem, data resides across all
manner of systemssome more than 25 years old," Bower said. "So
legacy applications that may contain highly sensitive customer data can now
accommodate encryption where before it was impossible; it's not often possible
to change database schemas if the legacy application expects a particular rigid
schemathe applications break."
Forrester Research analyst Paul Stamp said the firm's approach removes a
layer of complexity from the database encryption process.
"It can also make it easier to ship production
data into a test environment, which is a big deal for maintaining security in
the troubleshooting process," Stamp said.
|
|
�������x}ks6*�Q3{L=RJ64ԭRQ"$1H.IVrO/v�K�iLfϙIlK���Bw?H�ptô1��%s�t{>DZ{{}.GP`�YP�/�2r*2�'�j��m�DS8$x$z�=$?*B4e�G$oIX}䛿S=2rsݛ6BT�|HJ%ir�a+?N&��s�Z?#=z'�d^�W�(�Ƈ�f�GikC2�rt�&-
�.7P?� u/jS2zF-_ 4ʍhGZIAr�,f3}�3�+i�*
$nxp*Z:WM!MsX&�Zi�C�A+Wt6 9fq{vzrq۽:Yv>vO:}$O#t>�+?_f�'_ZU/�`6�['>{uH8=|`k�P{6MߑJCR�?#1p;�|Y�o]8螐$˷�Y>��./�4C�n&J�ݒU�L_*:T�ȏؖ/Rxh�Fu
x��%%6Ȝc�P
������~s Ff=ͨn�"d��i�|]\ P3Z�$ߚ��26�g{ M��А�v1r%M`3R˼荦�$%/^P�P샖_[�2jNէTwEQ��a#�<^f/�_��\B�
3
Ah8y�WңTʆ�[�t68;�߇,7kDm,ɺ�s5wnx�AZVp�x=muڃ�7Sҿ]{w@*7Gm'!|�e0��mx�Z.s33@k`C�ҋ�L �
w&bhn�x� }#
00w��&z(tD h&r<�kIOmLJ!?6�
{
G`r���ɽ 5�E0
û#i`y1���y�jQ?
aơ/Y��' c}S(�|` �9�nZȴcxX).�$>w2F}#�>�C �RRR$C_�]Pv9�B�
B�!B��0 H��V�(VFzGBj+�'B�Pl=!đtLZI!VB)7OH w^WfnR>��MO5��ScL`Da��Lzb8s�m/n$1a�V|�\w���\gKVZsd$V3�%fsP�kӺ�J@7FȂ�rL5q��̠�ucLGe
k=eR(k��l̥
Ӳzdxe��6:�&CF҆C�C��Ss�m���_&TYiW۟��tX)Z-a�usV@���d@�7h�`
�DlVCax�Zz'�As,]O�L�.>u�/6�*'#}0��;s���JkX�$
M=̔:Y_����~�2.|N���+�e@m\�:r8�\-�guaOjK�Ws2GMC8@m�"��aINR}�
Ĵ^oZ,Ŀtwֳ�j�1���sQ_(%UQL~�2��;2.eX \�k�ʙ8<#�Of�Y$�Ei.
4E�(p��5
4� ĉ\RUaX:$]75SXe�;;pM2v��H}�[̝�3$!M_&%E&h!E�7 �dx&O}qNxxO�� "}.҈��%��}�"T0�|&���VH0pl) 5tl*FuI�-�! ����:,C$>�/0%X(3;pi#u�QB� 2P��3FnuItMe``l�"Z` |
i�俯X`�#1�s*�=<�R�glס3��`,�:���2?p=�JN:Ɲc}|pܵ
/RD�7 �PU)�.ō�fπỉǖ�2mԆ�VNLO�hh
6Z�;k}P#2lRO/�~/'WA4�MOT%0="���^�.�k}Y_xx6'�*C)/��DʂYe/Q U-q'�.҆Q%9�T1 V,v}b;_I|SeȓV�)��i�+T\U8�3pa-XRjh��HU
}dE�
�C/
ސOFˢN3G~� W>W OPU*J5$�}�V��r;-i�7xџ1XD+�++0�/<+�kpo��9
�2j>wRm@%erI�Mq�{a/;#nK�-%./@ހذ:z�6]ܒ(t]2��Zx\[XKXLh;y�X^�5eD�$f~d
y|'ZJ봺%I�OM��=)h+�Q�AߏC�eRԣo{{!3݀��,�(|ݙC��adJ�H5�]�Uj{_ 1K0�F\�0�R���{H�P?�|ZUjF
슣d9C�TRDBZABs8o
=$Є�_چ
+�~7)ɑ$� |B*�D;}ZTe�3����ٿ�~ۣ�[�
L ��$q�)YUi�蝝ja{I6�~G1\I�mtp~HJ�ۧ>]
e!1@q�3n^;� k�4�9tߟ�<�{>ks 1*uN;8$#�_>\J�?�N
eB&�f�BhX�Mq�4�s'^�y�G{>=^n;�El�Fp0\ފy B�`л�\owėOz��~�\t:Rrq{x܌#;�R%9!pUN&<�1)M� S��cw0M��2��)һ9pbiNZ
�_/�k=9V�'��7hx| Fpv;
ºUX��PH2>X��a-(ʑh�G z�P)'$�m�ESt$;-38^�Ih��!�0
1u�e�}Eb)%Q\(HO�Uxv9ݴ9Q��l7"F'ϊNd~N�[N㷚oWȘs7�O|Ad�hL�Va:.N:~$�Br�^'68�/}p19�ޏH�Be/pA�O� j�E
P!ARB�9oũ-HӖO\�fax!uL,0�q8�%5r"0oBzH�,l}[�[��ΙhES2%I��#ϔ 5-cye5)a5R!MLCY�OC/�%$f;��R!�J=Yuj{ڀĴ&{>wg+Kw�_"9G�X ;[
ViH�_8_`�tO�"�,G�x�8SB[('H�*VZRZ-V
IN4�|x�r�'|'xj��}yU�yQm�=t#jQuon£�kDiO:n�{��GQ
=d�fon_8Z\ta|�|;�sF�gu\{�$Sv,Q��xq��%l}�HK�,a<3�q=�vb/{~�[�NQD=%&�,`�qէ*hM�ݮ"K"����CÙ릍 &�
Hbй!Os��>#A�I���3G
6��2'|+R!UkE��wW�U++�T�7�*�E&%��m7B�}6ȿ�&bi4W3ZT=}~[fv?sB&�>dO#@.u,vx5�t>X��a�>
A#Vo
lϸp@
s�0<2�HJnv2٢]�pjwkLRx16k��#MR7}i�g�ANC|P�Wh(�:a6�*|�`Q�Zy&Lm�~��~6�ߊ:"YcCƳdǟ۲Sr��s2y�1R+N�ne�j
|kI%�5���߅8�M{fr+���7�~nɸ�!E'͖�x�L>_�'h5ta�V؍SLsTKZ'��2i_nQ�''\/_z��懌�X췲JD��QUk`�8.Q�2ū��Z�{ʯ ӹiÚ29"Ʋ.w#O�;k.νҐ#1CsXSr�3k>̠xں�rI}�bO,Bw��l|~TJ�b�KF\��whb6H̞�* t�%�,�WXqcaV�+`Y_LGȊo�9-v*�h�"JjZ�"1s��@8MBGb8{q�Vk]j%J�0�
�bׅD�5�s�}pe��b=|(��EDأw�epZMcs6`IPa�R JwSR�ۄZXd|Gɒ+~!W�H\Juˠa�0DnQ/�@Eמi K�Wf0 YMf�ZDw�w�`�Ԑ@ Z��ߒo(OqF=@CG/���b)'!@W2P9�JΑ�{�|`ujAJ$vAkW!Z�tP�dE@B�ܨfk�=�1؉SUa�g:M=���pZe;MyUY*NyK�{�*>�g%T>e�92Jث�_ ZЭ^*D�0> W�@ERmI$_��/|�`톚Z�kf�o6Э�4mf6.�hq5h%e[zE"8��(�}�2Ӗ�HE":}=bk WE�L]�EY2�vޱRDG#�a�s�Kw>�W�:ޕ�Vղ�{%={<~kkkkwA7JveK�e�d?u�hiP̎|HD\�H@dg9?l�m���ڲv&fEͿAb�
��==sN�jx!�V6B�U/3v}�!E̜!�P1_;Xxw_bDx$~bm
�u>iPwIf&y1ds9#�{��r%[ܲ7�=|�_t�h=�VVIO(L\�:;v�}Uhm�\&��n~�\�ţ!{6pΰVy*\{v�''?[^loy�o`Z�OkB�*{H_|�#ŷfaǸ(Ωcl��|{�}vXoPff�嵙�mVx{�Ʒ�c�W۲:`I�E�}�06BVܹk9敲�C�;`I�N{ۙ��-�@ȼ#M�d�_fH�D(�pr
8gYXƳS@<����ÕH��z�WA�W|`߱1C�Wv�x@Q^e\V¨|26-�/*`-k;�pOwJ�1)nGb1Ekl��@.]h�w}L+M+KMs}9l�{�#~p|SyC&0ę?ExHl�(�Z@fnk�ƵV�xs`Lv�s=�4�\k1�[�^[
g
x!l1:ʇ"s�?CU�&e�eW<ߣ�^��Y?`#Ǻtobmĭd��?�?ߋ.{ ?s���H?�Z�tĕ'ηP ��E��/N
<�5�#%=k<�l$ (CZPBZ]/�%1�(z�#8Gc4Q'
5՚xӆ��^�#[�!�akzrF��-?��x�$"R�6(>�17>�L,�tx{��n��/͛I~�o[k>WaNͦ"f$xѴ{B*�cb9w)j5n\�(Hu(F�d+2�/ #|Ň�PWw�ƄF��We:-0Qj"*}��JDc� �x��=F5_֡]Ovǽ/ꊙ�Ovj#`u�8?�@Ov&(m']қ-Z47:S��E�Ñw,bgC� /ǐO@^hR{��$8.f쁥B�*dIw@�2L\\fbi'�TJ1
m&K-g1W�f|4`6r?>��->Ü��ztӰǾ3aֶu8�Q`I�пA#gݹHm+ne mNLw>_a�Yac�i7p�\s�p+�7�>+�tC��9v|:UۋuN���%'?̊�ڊ�o5J�ڕ]aaiL"&Nf�蒜n��3�/�ݥcSG53?b)oZ���9@VmĐMX�o���L��m�Uh5mfi�B\�[y�_#Ƙy`\ #
3P3�S�C��<6M$Ae�ȃ5T?�0н�
)U�(
O5��C�UP�8A`ŒY�2c:�&e���L�)<]С�ܛޔj@*oIg;8���|63|4e^fGZI)G6(�}o�#d2z '�֔k3dvH*k�_!ݰ�VI m{7�R[��U슍B��a�;&B�p:/H��/:A福��V0K6Y:�&��*%z�-P[$죋LF�>�%:�>a:$�.+JAW9pޢ[:*�\k M꺂OJ�2,��#VJ<>{fA~
E�ene �HB+�^@0Y�3�:�%Ք�$�:�,B}}}nHt:rӽ�t{Wsѻ�L׆�_ǣ4駓U{5(L<̃·?g�.�P0mw�%U�ũ�KljI�^E`k":o"^r��]8s0?�.�X6�J�m�fc }zz|lŵ�g5>;ٙϋ_M8FyS��~p��r;&
,8j67a�n�(�hO�vɀ:VhR�� Nj__ל�(.?i�s{P)GJ�d��N;9'P~]~�9{���ϻy7{ZhuOsa|ݜ{S�~K?�./r�m̙K2�Kh2}e�~/�?9�/s�̡K�D�ʁ#)?Ar/2�*g~r
*gz0^{ z9�#_>s�y�&~�?�>ρ�7ȡ?��>G(W�}́#c�n6�6~oۜons/$)G�Ay;pzy?2sS^)sR�y~
)�PWg9
(ϑgU�s�Vڭ^�Va�{j{�U_?߫O�{};M+ťW�*7yKxM}%kgV�[K�rPk�_yi�
V�GeyH��GW4<< X9rnmru3nW�r˭Xѧ�^5_9��t=*��t!=}�s3bT$%`W�]#=D~(K�s�җ�e.m�~�4�g܊RlOAptr�m>�v+y�]�ć�\T6l<�&\eɣn(/�@J�~�t
p�yo8هQ֪p3n�49p�|bO� vH}1nﰇb,O�*8�Mߜ:R��Nw��}Y&ƀY8'}t)NBh8�j��MWxJ
W{2��q`�pl�@$�w1eM+5VkZpWr.��q@Dd��{���UUEVrarXZUiT5h����zg�
�]{ۦJ�̾�Z8fȳRL��u+�J�!b$\B�x�[vm)�«2�donV2
`lQKpΒ�h;r�q �Y8P*`%�K�؞9�F^/F$�r�g�M_`cť��6�%ffډ�5��u¿�.SOL<� ?f+g
�m�ěӴohlգ{h9ĩiSr�O�?gSm ̀uW�ȥ&3b"�>�oՔ^]C�� N*˗ XV���)}0=�Dc�jϗ0w:aKƈ��DM�KIn�_!�]x@;`л+d>`��X)R'yDӟ�}Q!zU:��\)i9u�TR܉,� �-��g�9M8>&nzusƹ
Y=�c說F)\œ@@rvoL��~jcfL~.ߒ.'%x^��;4m!F�8<# g1MD�fAl!�&y峅�{NK�̄�Qxc|H*_{l�x Qh!I'4&.�:�Fs䭁=��$>x*8�Akvu$$*s�{F�|%{jmj{J�F!M�%؉lDiB�
/�~W,H\��[a��>$N*f$3�ug�G{M�>c㠬[��
>%�vj�^է(z�q}$!10I�K$��I!+KESX^�ᠣ͌['|F�o�BzzEl��pV�Ζl'O$qs^�X\)�%c�
ҽLSXmj7hU|qp1gbV!qd�V�ӧ�7-[@��Ojc�1vaeh)�Yձ]w
� 7�3>Ƌ�rx{Go�fQcJ%:Ɛojv{[?/Ox~Saxr=G���K�t���m-I�S`Cr8�vWIAd���`
&ض� �Ԣ?͛sg�)+],by�ԙz!�w>E}�2ȱ(�by�J.D{[9O�AxeӍMѾY�nw0w1Lk^Fz§kl�1Cc]R>Gk�
]'83�sZ�%.�_m�Z }( oF�Tt
fy��9Hljݿ&gPs:cvKѦ
N�7" a�A0n#/
��LN����r=6C�:qsr�gM���vmXGڢ~fmQaW�9~51Ȟ|tusxE]Y>80�F\gX�3'�X�[zD,5bb:(�/z��0�����is&�3ǂ)0ѕD1F(-,1.f� � Ax�&�~�t<3G@TF�_E@�G7byUĄ�f�ٵBRJnr�'�
)�}�ɦbGNԌaBa�r��zЙH��pK�Z8
g!0X^�XpTT��/D4;NB}aE�tDW#.ra�W���<�bMd�?tY�kh�?X�Yj /��yH%H=C�
QFk'O�(QF2}>8P|һ⿑xq7�WRXB^ZR$Di'�k!ջnv'+e={`o����g�`Lt�)�2)v}ml-c6�C-[{�W&��
|
Network Security & Hardware 
