PxPlus User Forum

Twitter Twitter Twitter

Author Topic: Encryption of data  (Read 271 times)

sallison

  • New Member
  • *
  • Posts: 1
    • View Profile
Encryption of data
« on: February 03, 2021, 02:30:12 PM »
The new feature to encrypt file passwords and data using AES256 is a great enhancement.   

Our customers are beginning to demand that more and more data is considered PII sensitive.

Couple of questions on how others are managing -

Key management :  how best to change and manage keys for annual change -- assume password remove and then apply new.   any experience on huge files out there?

Implementation:   Advice on best practice for managing the "open" statements on current files -- a global variable seems way to insecure,  modifying each to include the KEY, again visible password or global,  build a control file to house key(s) for open statement - again plain text.

Performance:  implications of encrypting most data?

No recovery of file possible through utilities?

Devon Austen

  • Staff
  • Diamond Member
  • *****
  • Posts: 277
  • Don’t Panic
    • View Profile
    • PVX Plus Technologies
Re: Encryption of data
« Reply #1 on: February 04, 2021, 10:58:22 AM »
I will try to answer some of the questions to the best of my knowledge.

Quote
Key management :  how best to change and manage keys for annual change -- assume password remove and then apply new.   any experience on huge files out there?
You can only add/remove passwords on locked and empty files. If you want to change the password you will have to create a new empty file add the new password and copy over the data. The time this takes is mostly how long it will take to read and write the data. The bigger the file the longer it will take.

Quote
Implementation:   Advice on best practice for managing the "open" statements on current files -- a global variable seems way to insecure,  modifying each to include the KEY, again visible password or global,  build a control file to house key(s) for open statement - again plain text.
If you don't want to prompt the user for the password the best approach would be to hard code it into a encrypted program this way it is not visible.

Quote
Performance:  implications of encrypting most data?
There is a performance penalty for encrypting the data. It is a bigger difference on the write as compared to the read. It is hard to guess at the performance difference you would see there are so many variables that can effect it. Often the performance impact is not very large. I would recommend you encrypt any data that is at all sensitive.

Quote
No recovery of file possible through utilities?
When you encrypt the data you also encrypt all key and data blocks; therefore, routines that attempt to parse a passworded file in binary mode will not function correctly. This includes *UFAR, the file recovery utility. If you have the password and can still open the file creating a new file and copying over all non-corrupted records will work. Ideally having a robust backup system is better so if a file is corrupted you can restore from backup.
Software Developer for PVX Plus Technologies LTD.

Mike King

  • Administrator
  • Diamond Member
  • *****
  • Posts: 3419
  • Mike King
    • View Profile
    • PVX Plus Technologies
Re: Encryption of data
« Reply #2 on: February 05, 2021, 03:47:23 PM »
Some additional thoughts:

Due to the nature of files being fully encrypted it makes recovery of the data pretty much impossible.  What I often recommend is you simply manually encrypt those fields you feel are critical such as a credit card number, SIN, or similar.  You can use the the built in HSH function to accomplish this:

Val$=CVS( HSH(PASSWORD CreditCard$ WITH "aes-256-ofb",KEY=ATH(HSH(password$,-2))),"ASCII:BASE64")

This will take the value in "CreditCard$" and encrypt using the aes-256-ofb algorithm based on the SHA-256 of the password you chose.  In order to be able to store this on a file in printable format we finally use  BASE64 conversion on the value.

You can Extract it using:

x$ = CVS(val$,"BASE64:ASCII")
CreditCard$ = HSH(EXTRACT x$ WITH "aes-256-ofb",KEY=ATH(HSH(password$,-2)))


Now as for hiding the password, one simple technique is put the password in a system environment variable.  You can then reference it using:

password$ = ENV("OurPassword")

If someone takes the programs they don't have the password, so really they need the environment to get the password.   If running NTHost, or Simple CS, you only need to set this in the base launching process and it will be carried through all spawned tasks.  As long as you keep them from getting to command mode in the language they can't print the ENV value on any other session.

You could even make the password come from multiple sources -- simply append other data to the password prior passing it to the HSH(..., -2) function.

Since just some of the fields are encrypted the file can be recovered if needed and if someone does get hold of the data file, the encrypted data is pretty much useless.