Best encription method?

--0-2031657115-1285593313=:72331
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hello experts! Can i have your valuable suggestion on the following?=
I would like to encrypt a particular table of records. =0AI hope can =
choose two ways,number one, application level encryption method =0Achoosing=
our own encryption algorithm and an another is database level =0Aencryptio=
n. my question is, which is portable, which is consistent? or altoget=
her the =0Aencryption should not degrades the performance. Note: The a=
pplication is going to be across an intranet Suggestions are appreciat=
ed! Thank you in advance.=0AVikram A =0A
--0-2031657115-1285593313=:72331--

Re: Best encription method?

--001517573dbafee17604913da72c
Content-Type: text/plain; charset=ISO-8859-1

Both have benefits.

Application level:

- data is encrypted during transmit, too
- processing is offloaded from your hard-to-scale database server
- decrypt keys don't pass your database, so dba or other users can't peek

DB

- Guaranteed consistent implementation regardless of client


Can't think of other benefits of DB-side encryption, offhand :-) I would go
for the app-side every time. Let the database worry about managing the data,
don't bother it with application stuff.


On Mon, Sep 27, 2010 at 3:15 PM, Vikram A wrote:

> Hello experts!
>
> Can i have your valuable suggestion on the following?
>
> I would like to encrypt a particular table of records.
> I hope can choose two ways,number one, application level encryption method
> choosing our own encryption algorithm and an another is database level
> encryption.
>
> my question is, which is portable, which is consistent? or altogether the
> encryption should not degrades the performance.
>
> Note: The application is going to be across an intranet
>
> Suggestions are appreciated!
>
> Thank you in advance.
> Vikram A
>
>
>


--
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel

--001517573dbafee17604913da72c--

Re: Best encription method?

--0-144943640-1285594982=:24348
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Dear Sir,=0AThank you for the suggestion, as you suggested i shall go for a=
pplication level. =0AI have another query too, please answer, =0ANorm=
ally, If i need to store an integer value i have to define it as int, If I =
=0Aencrypt this, i must define its type as string of different size[it depe=
nd upon =0Athe encryption output] than its original size. It increases the =
db size. I am =0Aknown that if it is secure i have to choose encryption. bu=
t when i choose =0Aencryption it leads the more memory usage. =0AAny =
comment on this? =0AThank you=0AVikram =0A______________________=
__________=0AFrom: Johan De Meersman =0ATo: Vikram A ikkiatbipl@yahoo.in>=0ACc: MY SQL Mailing list =0ASe=
nt: Mon, 27 September, 2010 6:55:04 PM=0ASubject: Re: Best encription metho=
d? Both have benefits. Application level: =09* data is encry=
pted during transmit, too =09* processing is offloaded from your hard-=
to-scale database server * decrypt keys don't pass your database, so d=
ba or other users can't peekDB =09* Guaranteed consistent implementati=
on regardless of client=0ACan't think of other benefits of DB-side encrypti=
on, offhand :-) I would go for =0Athe app-side every time. Let the database=
worry about managing the data, don't =0Abother it with application stuff.=
On Mon, Sep 27, 2010 at 3:15 PM, Vikram A > wrote: Hello experts!=0A>=0A>Can i have your valuable suggestion on =
the following?=0A>=0A>I would like to encrypt a particular table of records=
..=0A>I hope can choose two ways,number one, application level encryption me=
thod=0A>choosing our own encryption algorithm and an another is database le=
vel=0A>encryption.=0A>=0A>my question is, which is portable, which is cons=
istent? or altogether the=0A>encryption should not degrades the performance=
..=0A>=0A>Note: The application is going to be across an intranet=0A>=0A>Sug=
gestions are appreciated!=0A>=0A>Thank you in advance.=0A>Vikram A=0A>=0A>=
=0A> =0A-- =0ABier met grenadyn=0AIs als mosterd by den wyn=0ASy die't=
drinkt, is eene kwezel=0AHy die't drinkt, is ras een ezel =0A
--0-144943640-1285594982=:24348--

Re: Best encription method?

--0016e659f534a1863d04914dc6ef
Content-Type: text/plain; charset=ISO-8859-1

On Mon, Sep 27, 2010 at 3:43 PM, Vikram A wrote:

>
> Normally, If i need to store an integer value i have to define it as int,
> If I
> encrypt this, i must define its type as string of different size[it depend
> upon
> the encryption output] than its original size. It increases the db size. I
> am
> known that if it is secure i have to choose encryption. but when i choose
> encryption it leads the more memory usage.
>

Well, yes :-) That's part of the price you're going to pay for the security.

As the programmer said; I can make it better, faster and cheaper. Pick any
two.


--
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel

--0016e659f534a1863d04914dc6ef--

Re: Best encription method?

--0-263097014-1285740978=:8431
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Sir, I must adopt the encryption. I shall bear the cost of the memory.=
=0AThank you for the guidance. Vikram A =0A_______________=
_________________=0AFrom: Johan De Meersman =0ATo: Vikr=
am A =0ACc: MY SQL Mailing list m>=0ASent: Tue, 28 September, 2010 2:08:57 PM=0ASubject: Re: Best encriptio=
n method? =0AOn Mon, Sep 27, 2010 at 3:43 PM, Vikram A ipl@yahoo.in> wrote: =0A>Normally, If i need to store an integer value=
i have to define it as int, If I=0A>encrypt this, i must define its type a=
s string of different size[it depend upon=0A>the encryption output] than it=
s original size. It increases the db size. I am=0A>known that if it is secu=
re i have to choose encryption. but when i choose=0A>encryption it leads th=
e more memory usage.=0A> Well, yes :-) That's part of the price you're=
going to pay for the security. As the programmer said; I can make it =
better, faster and cheaper. Pick any two.=0A -- =0ABier met grenadyn=
=0AIs als mosterd by den wyn=0ASy die't drinkt, is eene kwezel=0AHy die't d=
rinkt, is ras een ezel =0A
--0-263097014-1285740978=:8431--

Re: Best encription method?

--0-1862490064-1289309441=:61384
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Sir, We have done a encryption by using our own algorithm. it works fi=
ne. But during =0Athe report analysis we are facing the performance issue. =
Which is not =0Aappreciated by our users. =0AWe need only one column =
to be encrypted and the column size will never exceed 3 =0Achars. =0A=
We have planed to use the AES_ENCRYPT and AES_DECRYPT by using the "key str=
ing" =0Aas a parameter. We can keep this key string as our security point. =
We found it =0Ais giving better performance in all cases. Can i have =
your advise please? Thank you in advance! Vikram A =0A=
________________________________=0AFrom: Vikram A =0A=
To: Johan De Meersman =0ACc: MY SQL Mailing list @lists.mysql.com>=0ASent: Wed, 29 September, 2010 11:46:18 AM=0ASubject: Re=
: Best encription method? =0ASir, I must adopt the encryption. I =
shall bear the cost of the memory.=0AThank you for the guidance. Vikr=
am A =0A________________________________=0AFrom: Johan De Meersm=
an =0ATo: Vikram A =0ACc: MY SQL =
Mailing list =0ASent: Tue, 28 September, 2010 2:08:5=
7 PM=0ASubject: Re: Best encription method? =0AOn Mon, Sep 27, 2=
010 at 3:43 PM, Vikram A wrote: =0A>Normally, I=
f i need to store an integer value i have to define it as int, If I=0A>encr=
ypt this, i must define its type as string of different size[it depend upon=
=0A>the encryption output] than its original size. It increases the db size=
.. I am=0A>known that if it is secure i have to choose encryption. but when =
i choose=0A>encryption it leads the more memory usage.=0A> Well, yes :=
-) That's part of the price you're going to pay for the security. As t=
he programmer said; I can make it better, faster and cheaper. Pick any two.=
=0A -- =0ABier met grenadyn=0AIs als mosterd by den wyn=0ASy die't dr=
inkt, is eene kwezel=0AHy die't drinkt, is ras een ezel
--0-1862490064-1289309441=:61384--

Re: Best encription method?

--00032557364a0ec99c04949ed1b7
Content-Type: text/plain; charset=ISO-8859-1

Seems like a better plan than simply rolling your own, yes. Do make sure
that the key string is well-documented :-p

On Tue, Nov 9, 2010 at 2:30 PM, Vikram A wrote:

> Sir,
>
> We have done a encryption by using our own algorithm. it works fine. But
> during
> the report analysis we are facing the performance issue. Which is not
> appreciated by our users.
>
>
> We need only one column to be encrypted and the column size will never
> exceed 3
> chars.
>
>
> We have planed to use the AES_ENCRYPT and AES_DECRYPT by using the "key
> string"
> as a parameter. We can keep this key string as our security point. We found
> it
> is giving better performance in all cases.
>
> Can i have your advise please?
>
> Thank you in advance!
>
> Vikram A
>
>
>
>
> ________________________________
> From: Vikram A
> To: Johan De Meersman
> Cc: MY SQL Mailing list
> Sent: Wed, 29 September, 2010 11:46:18 AM
> Subject: Re: Best encription method?
>
>
> Sir,
>
> I must adopt the encryption. I shall bear the cost of the memory.
> Thank you for the guidance.
>
> Vikram A
>
>
>
>
> ________________________________
> From: Johan De Meersman
> To: Vikram A
> Cc: MY SQL Mailing list
> Sent: Tue, 28 September, 2010 2:08:57 PM
> Subject: Re: Best encription method?
>
>
>
>
> On Mon, Sep 27, 2010 at 3:43 PM, Vikram A wrote:
>
>
> >Normally, If i need to store an integer value i have to define it as int,
> If I
> >encrypt this, i must define its type as string of different size[it depend
> upon
> >the encryption output] than its original size. It increases the db size. I
> am
> >known that if it is secure i have to choose encryption. but when i choose
> >encryption it leads the more memory usage.
> >
>
> Well, yes :-) That's part of the price you're going to pay for the
> security.
>
> As the programmer said; I can make it better, faster and cheaper. Pick any
> two.
>
>
> --
> Bier met grenadyn
> Is als mosterd by den wyn
> Sy die't drinkt, is eene kwezel
> Hy die't drinkt, is ras een ezel
>
>


--
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel

--00032557364a0ec99c04949ed1b7--

Re: Best encription method?

--0-910218413-1289310719=:75300
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Dear Sir, As you advised we will keep the "key" as well documented. =
Thank you Vikram A. ________________________________=
=0AFrom: Johan De Meersman =0ATo: Vikram A @yahoo.in>=0ACc: MY SQL Mailing list =0ASent: Tue, 9=
November, 2010 7:05:39 PM=0ASubject: Re: Best encription method? Seem=
s like a better plan than simply rolling your own, yes. Do make sure that =
=0Athe key string is well-documented :-p =0AOn Tue, Nov 9, 2010 at 2:3=
0 PM, Vikram A wrote: Sir,=0A>=0A>We have done =
a encryption by using our own algorithm. it works fine. But during=0A>the r=
eport analysis we are facing the performance issue. Which is not=0A>appreci=
ated by our users.=0A>=0A>=0A>We need only one column to be encrypted and t=
he column size will never exceed 3=0A>chars.=0A>=0A>=0A>We have planed to u=
se the AES_ENCRYPT and AES_DECRYPT by using the "key string"=0A>as a parame=
ter. We can keep this key string as our security point. We found it=0A>is g=
iving better performance in all cases.=0A>=0A>Can i have your advise pleas=
e?=0A>=0A>Thank you in advance!=0A>=0A>Vikram A=0A>=0A>=0A>=0A>=0A>________=
________________________=0A>From: Vikram A =0A>To: Jo=
han De Meersman =0A>Cc: MY SQL Mailing list s.mysql.com>=0A>Sent: Wed, 29 September, 2010 11:46:18 AM=0A>Subject: Re: B=
est encription method?=0A>=0A>=0A>Sir,=0A>=0A>I must adopt the encryption. =
I shall bear the cost of the memory.=0A>Thank you for the guidance.=0A>=0A>=
Vikram A=0A>=0A>=0A>=0A>=0A>________________________________=0A>Fro m: Johan=
De Meersman =0A>To: Vikram A =0A=
>Cc: MY SQL Mailing list =0A>Sent: Tue, 28 September=
, 2010 2:08:57 PM=0A>Subject: Re: Best encription method?=0A>=0A>=0A>=0A>=
=0A>On Mon, Sep 27, 2010 at 3:43 PM, Vikram A wrote:=
=0A>=0A>=0A>>Normally, If i need to store an integer value i have to define=
it as int, If I=0A>>encrypt this, i must define its type as string of diff=
erent size[it depend =0Aupon=0A>>the encryption output] than its original s=
ize. It increases the db size. I am=0A>>known that if it is secure i have t=
o choose encryption. but when i choose=0A>>encryption it leads the more mem=
ory usage.=0A>>=0A>=0A>Well, yes :-) That's part of the price you're going =
to pay for the security.=0A>=0A>As the programmer said; I can make it bette=
r, faster and cheaper. Pick any two.=0A>=0A>=0A>--=0A>Bier met grenadyn=0A>=
Is als mosterd by den wyn=0A>Sy die't drinkt, is eene kwezel=0A>Hy die't dr=
inkt, is ras een ezel=0A>=0A> =0A-- =0ABier met grenadyn=0AIs als most=
erd by den wyn=0ASy die't drinkt, is eene kwezel=0AHy die't drinkt, is ras =
een ezel =0A
--0-910218413-1289310719=:75300--