The solidDB® server offers two encryption methods for keeping your data secure: the built-in DES algorithm and the OpenSSL libcrypto. By default, DES encryption is used and only passwords are encrypted. The use of OpenSSL libcrypto must be configured separately. If you want to encrypt the database files and log files using DES or OpenSSL libcrypto, you need to create an encrypted database using solidDB® command-line options. You can also disable the encryption of passwords.
DES algorithm
The DES algorithm shipped with solidDB® is based on a symmetric-key algorithm that uses a 56-bit key. To protect the symmetric encryption key, a startup password must be specified when creating, starting, or decrypting an encrypted database.
The solidDB® DES algorithm is a single-DES algorithm that is not recommended for applications that require strong security.
OpenSSL
The OpenSSL libcrypto is a library that can be used with the solidDB® server to enforce strong encryption of passwords and data. Note that the OpenSSL libcrypto is not shipped and installed with the solidDB® server. You must acquire OpenSSL libcrypto yourself: see www.openssl.org.The OpenSSL libcrypto library must be available on both the computer where your application (client) is running, and on the computer where solidDB® server is running. As with DES encryption, a startup password must be specified when creating, starting, or decrypting a OpenSSL encrypted database.
OpenSSL uses the RSA algorithm for public-key encryption. You can set the RSA key length to 1024 (default), 2048, or 4096 bits.
OpenSSL is supported with the solidDB® ODBC Driver and the solidDB® data management tools, except for the solidDB® SA API based solidDB® Speed Loader solload. When using OpenSSL, use the solidDB® ODBC API based solloado.