Data Encryption
PSQL v12 supports encrypting the database-related network traffic that occurs when using PSQL. This type of encryption is often called wire encryption because it protects the data when it is traveling on the network wire, or on any intervening network infrastructure, including wireless. While the use of wire encryption is not required, it provides additional deterrence against unauthorized access to the data transmitted by your application over a network.
This encryption feature is not directly related to the security models. Any of the security models can be used with or without wire encryption turned on.
Configuration Parameters for Wire Encryption
There are two configuration settings associated with wire encryption. The settings must be configured at each client machine as well as at the server. For more information on these settings, see
Wire Encryption
Wire Encryption Level
To access wire encryption settings
1
In PCC PSQL Explorer, perform one of the following:
For a server, right-click the server name under the Engines node. (Click the plus (+) signs to expand the nodes.)
For a client, right click on MicroKernel Router under the Local Client node. (Click the plus (+) signs to expand the nodes.)
2
Click Properties.
3
Click Access in the tree.
Encryption Notes
This release of the product uses a well-known and time-tested public domain encryption algorithm called Blowfish to perform the encryption before data passes over the network.
Encryption using a 40-bit key provides the least amount of protection for the data. Encryption using a 56-bit key is more difficult to compromise. Finally, encryption using the 128-bit key is the generally considered very difficult to compromise.
*Note: Using encryption slows the network throughput of your data.
Backward Compatibility
Because previous versions of PSQL did not support wire encryption, they will be unable to communicate with a client or server from this release that requires encryption. Any client or server that does not support encryption will return an error if it attempts to connect to a client or server that requires encryption.
Setting Up Encryption
Before turning on the encryption settings in your environment, think about your encryption needs first. You can set up your encryption environment in a variety of ways, depending on your situation. There are four general schemes possible:
No encryption
All communications encrypted
Encryption to/from specific clients
Encryption to/from specific servers
No Encryption
First of all, consider whether your data has characteristics that would favor encryption. Is your data confidential or proprietary? Is it valuable in the hands of unauthorized users? Can it be used to harm your organization? If you answer no to these question and others like them, then your data may not need to be encrypted at all. Under these circumstances, there may be no reason to incur the performance trade-off that encryption entails. If you aren’t sure, consult a data security expert.
Assuming your data does need to be protected, you still may not need encryption. If your applications run solely on a LAN, and you are comfortable with the physical security of your network infrastructure, encryption may not be necessary.
Encryption to/from Specific Clients
Now suppose that you have one major customer at a remote site that has a connection to your database. You may wish to use encryption only for the communications that go to/from that remote client. You can achieve this affect by setting Wire Encryption at the remote client to Always and setting the server values accessed by that remote client to If Needed. All your internal clients would be set to Never. Thus, the servers will only use encryption when communicating with the remote client that requires encryption.
Encryption to/from Specific Servers
Now, suppose the situation is reversed and your environment includes one or more remote servers that are accessed by network infrastructure that you do not trust 100%. In this case, you can set those server values to Always, and set the local client values to If Needed. The result is encrypted communications only to those remote servers that require it.
All Communications Encrypted
Finally, if your PSQL applications often run over WAN, VPN, or other external networks that you do not trust 100%, then you may wish to encrypt 100% of your database communications. In this scenario, you would set Wire Encryption to Always at all clients and servers.
Choosing an Encryption Level
Once you have decided which clients and servers require encrypted communications, you must decide what level of deterrence is appropriate for your needs.
While Actian Corporation cannot offer advice regarding the encryption level that meets your specific needs, we can provide some guidelines to help inform your discussions with an appropriate data security expert. These guidelines do not represent a guarantee or warranty from Actian Corporation that no third party will be able to intercept and/or decode your encrypted data. As with any encryption scheme, there is no such thing as an “unbreakable” code, only varying levels of difficulty to compromise different types of encryption. The 128-bit encryption used by PSQL would be considered very difficult to decode using techniques and equipment available to a highly sophisticated individual hacker.
Low (40-bit) Encryption
Consider using this level of encryption in cases where your data has limited ability to harm your organization or your customers if it falls into the wrong hands. Another reason to consider a Low level of encryption is if you wish simply to prevent a casual observer on your network from being able to read your data as it travels over the wires.
Medium (56-bit) Encryption
Consider using this level of encryption in situations where you believe you need somewhat more protection than against just a casual observer, but you do not believe you require the strongest level of security.
High (128-bit) Encryption
Consider using this level of encryption in situations where your data contains very sensitive information such as credit card numbers, social security numbers, financial account numbers, or other information protected by law. Especially consider this level of encryption if your database is associated with an entity on the network that is well-known to contain sensitive data, such as an Internet shopping web site or an online securities brokerage web site. Consider this level of encryption if your organization has previously suffered attempts to compromise its data security.
Effects of Encryption
Using encryption reduces client/server performance. With encryption turned on, each piece of data must be encoded at the source and decoded at the destination. This process requires additional CPU cycles when compared to the same operations performed without encryption. The level of encryption should not affect the performance. The performance drop in using encryption is roughly the same no matter which of the three encryption levels you choose.
Owner Name Encryption
PSQL offers encryption of data files on disk. To require that your data files be encrypted when written to disk, you must set an owner name on each file.
See Owner Names for more information.