3. FrontBase Specifications
3.2. Key Features
3.2.2. FrontBase Security
Encryption is used to protect communication channels and data storage. When you create a FrontBase, you may optionally specify that data stored on the disk should be encrypted. You may also optionally specify that communication channels between the server and its clients must be secure. You must provide an encryption key for each option specified.
Encryption of data
Data stored on the disk is encrypted using triple DES in cipher block chaining mode on 512-byte blocks. The data store itself is block-oriented with 512 bytes/block, so this effectively encrypts all data, including table definitions, table contents, character data, and BLOBs. The initialization vector depends on the logical position of the block within the system, thus blocks with the same contents will never generate the same cipher text blocks. The key used for encryption of data consists of a 64-bit initialization vector and 3x56 bits for the DES encryption.
Secure channels
A client and the server are able to establish a secure channel. When a client connects to the server, it receives a public RSA key from the server. The client then generates a set of random session keys: one for outgoing data and one for incoming data. It encrypts those session keys with the public RSA key and sends the results to the server. The server decrypts the session keys sent by the client using its private key. Thus, the client and the server have established a common set of secret keys.
The algorithm used for encryption of communication data is triple DES in byte stream mode with cipher text and clear text feedback. The clear text feedback ensures that an error will propagate to all bytes following the error. This ensures simple detection of errors and introduces only a small amount of redundancy.
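The error propagation described above, as an added example (not FrontBase code): a toy byte-stream cipher that compares cipher text feedback alone with cipher text plus clear text feedback after one bit is flipped in transit. HMAC-SHA256 stands in for triple DES, and the 8-byte register, key and message are assumptions, since the page does not specify the construction.

```python
import hashlib
import hmac

REG = 8  # feedback register size in bytes (assumption; the page gives none)


def _ks(key: bytes, reg: bytes) -> int:
    # Stand-in for the triple-DES step: one keyed byte derived from the register.
    return hmac.new(key, reg, hashlib.sha256).digest()[0]


def crypt(key: bytes, data: bytes, decrypt: bool, clear_feedback: bool) -> bytes:
    reg, out = bytes(REG), bytearray()
    for b in data:
        o = b ^ _ks(key, reg)
        c, p = (b, o) if decrypt else (o, b)
        # Cipher text always feeds back; clear text only in the page's mode.
        fed = bytes([c, p]) if clear_feedback else bytes([c])
        reg = (reg + fed)[-REG:]
        out.append(o)
    return bytes(out)


def damage_after_bit_flip(clear_feedback: bool, pos: int = 10) -> list:
    """Flip one cipher text bit in transit; return indexes of wrong clear text bytes."""
    key = b"constructed-demo-key"
    msg = b"SELECT name, balance FROM accounts WHERE id = 42; -- constructed"
    wire = bytearray(crypt(key, msg, False, clear_feedback))
    wire[pos] ^= 0x01
    got = crypt(key, bytes(wire), True, clear_feedback)
    return [i for i, (a, b) in enumerate(zip(msg, got)) if a != b]


if __name__ == "__main__":
    print("cipher text feedback only   :", damage_after_bit_flip(False))
    print("cipher + clear text feedback:", damage_after_bit_flip(True))
```

With cipher text feedback alone the damage stops once the flipped byte has left the register; with clear text feedback added, the bytes from the flip onward decrypt wrong apart from chance matches, which is what makes the error easy to notice.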
©2000 FrontBase, Inc. All rights reserved.