The solidDB^® server offers two encryption methods for keeping your data secure: the built-in DES algorithm and the IBM Global Security Kit (GSKit). By default, DES encryption is used and only passwords are encrypted. The use of GSKit must be configured separately. If you want to encrypt the database files and log files using DES or GSKit, you need to create an encrypted database using solidDB^® command-line options. You can also disable the encryption of passwords.

The DES algorithm shipped with solidDB^® is based on a symmetric-key algorithm that uses a 56-bit key. To protect the symmetric encryption key, a startup password must be specified when creating, starting, or decrypting an encrypted database.

The solidDB^® DES algorithm is a single-DES algorithm that is not recommended for applications that require strong security.

The IBM Global Security Kit (GSKit) is a library that can be used with the solidDB^® server to enforce strong encryption of passwords and data. The GSKit is shipped and installed with the solidDB^® server. The GSKit library must be available on both the computer where your application (client) is running, and on the computer where solidDB^® server is running. As with DES encryption, a startup password must be specified when creating, starting, or decrypting a GSKit encrypted database.

GSKit uses the RSA algorithm for public-key encryption. You can set the RSA key length to 1024 (default), 2048, or 4096 bits.

GSKit is supported with the solidDB^® ODBC Driver and the solidDB^® data management tools, except for the solidDB^® SA API based solidDB^® Speed Loader solload. When using GSKit, use the solidDB^® ODBC API based solloado.