Re: Encryption for Dummies?

James - you can USE the SQL functions without storing anything in a PF. Chuck Pence mentioned this already, I believe. Use the SET or VALUES function, I believe.

This seems the easiest way to do stuff here. Scott's example, which I've looked at and played with, uses the RC4 algorithm - it might be fine for your use, it's a stream algorithm - not a block one like AES that is usually preferred. AES is a little more complex to set up - you have to pad out to block length, generate an initialization vector, etc. Service program time.

Of course, the SQL stuff does require a certain minimum release of OS400 - I don't remember what it is, right now.

CIPHER is a great way to go - I'm using it now because I don't have time to work out the validation list APIs. Deadline for a release, is all - I'll probably go with them eventually.

Before V5R4 you have to have product 5722-AC3 installed in order to use RC4 or AES = to use anything beyond the 4 or 5 simple one-way hash-type algorithms available even without AC3.

I don't remember now what your minimum release is - if v5r4, you have lots of stuff to help with encryption, and SQL has a lot of it.

Carsten Flensburg has had several articles that might help. And if you have IBM partner support, they have some nice samples, as well.

HTH
Vern

On 12/16/2011 12:21 PM, James Lampert wrote:

Gary Thompson wrote:

Can you get by with the encryption offered by DB2 SQL ? The Reference manual
has simple examples, look for ENCRYPT and DECRYPT

It's almost certainly not going to be stored in a database file, as
there is no practical reason to waste 36k to store (maybe) 32 bytes.
(It's ridiculous enough to waste 8k on storing them in a *DTAARA!) So
how would SQL encryption even apply?

--
JHHL