Support Forums - View Thread

View Thread

The following is the text of the current message along with any replies.

Messages 1 to 3 of 3 total

Wed, Nov 15 2006 6:11 PM	Permanent Link
Joe Real	Hi Guys, We are being audited by security agencies and would like to know soonest, the best equivalent strength of DBISAM's overall encryption strength in terms of effective bit strength for encrypted communication between the DBISAM Server and Client. Although it is documented as combination of blowfish and MD5, what is the overall effectivity? Joe
Thu, Nov 16 2006 9:09 AM	Permanent Link
"Ralf Mimoun"	Joe Real wrote: > Hi Guys, > > We are being audited by security agencies and would like to know > soonest, the best equivalent strength of DBISAM's overall encryption > strength in terms of effective bit strength for encrypted > communication between the DBISAM Server and Client. Although it is > documented as combination of blowfish and MD5, what is the overall > effectivity? Take a look at http://en.wikipedia.org/wiki/Blowfish_%28cipher%29. With a long enough key, you are safe. And everybody in the IT security business will know that Blowfish is a well known and good block cipher. MD5 is "just" a checksum/hash value function, so you don't have to send and store passwords (which is always a very bad idea). The encryption scheme used by Elevate is state-of-the-art. The only thing I can't find is the key length used for Blowfish. Ralf
Thu, Nov 16 2006 4:05 PM	Permanent Link
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com	Joe, << We are being audited by security agencies and would like to know soonest, the best equivalent strength of DBISAM's overall encryption strength in terms of effective bit strength for encrypted communication between the DBISAM Server and Client. Although it is documented as combination of blowfish and MD5, what is the overall effectivity? >> Please see my email. -- Tim Young Elevate Software www.elevatesoft.com