Recent laws passed in New York, California, and other states and pending U.S. federal legislation require that all data be kept private. Does that mean there's another Y2K-style IT effort—and therefore, expense—underway? What about Visa's Cardholder Information Security Program (CISP) policy? Can you continue to accept Visa credit cards if you avoid encrypting a client's credit card number or other personal information?
The Advanced Encryption Standard (AES) is an encryption algorithm that has become a standard for dealing with this situation. To read the rather uninformative federal paper on AES standard, download this document.
The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits (16, 24, and 32 bytes) to encrypt and decrypt data in blocks of 128 bits (16 bytes). AES is seemingly more secure than the older RC4 algorithm, which does not use blocking. RC4 can be used to encrypt any character database field and then decrypt it later. No field length change is required.
Unfortunately, if your credit card field is 15 positions long, or 20 for that matter, it may have to be changed. That's right; AES requires that data is encrypted in 16-, 24-, or 32-byte blocks and cannot encrypt data that is not in a multiple of these lengths. So a 64-byte field may be encrypted as well as a 48-byte field but not a 15- or 30-byte field.
You will need to pad the fields to one of these sizes in order to use AES encryption. For example, you can't simply read a 15-byte field, move it into a 16-position field, encrypt the 16-position field, move it back into a 15-byte field, and write it out to the database. When you attempt to decrypt the 15-byte field, the decryption will fail because not all the encrypted data is there.
So if we want to encrypt database fields, do we have to change the lengths of those database fields into multiples of 16, 24, or 32 bytes? If you have to use AES encryption, the answer is a disappointing yes!
What About Encrypting Numeric Fields?
What if you keep credit card numbers or Social Security numbers in numeric fields?
The bad news is that encrypted data can't be stored in packed, zoned decimal, or even date fields in DB2/400 database files. Only character fields may contain encrypted data. Can you say "quagmire"?
Solutions
Currently, only three encryption algorithms are approved by Federal Information Processing Standards (FIPS):
- AES
- Triple DES or TDES
- Skipjack
To read more about these standards, visit the National Institute of Standards and Technology (NIST) Web site.
Today, you may have to use an encryption scheme other than AES to encrypt individual database fields, and you have to verify that it passes federal regulations, state laws, and contract obligations. If not, at least attempt to get a waiver. RC4 encryption is certainly good enough for DB2/400 databases, and it doesn't require a block encryption scheme. Block encryption schemes are fine for sending data over a communications line where a stream of data is being transmitted and is easily padded to 16-byte block length. But it's pretty worthless for storing data in a database file in an encrypted format.
The problem is, the folks passing laws and writing standards are thinking about two different data storage methods—one being stream data that is being transmitted (the standards writers) and the other being the way data is stored (the law makers). I believe that fixed-length database records and fields cannot be encrypted using AES without a major Y2K-style public works project in every IT shop around the world.
Bob Cozzi is a programmer/consultant, writer/author, and software developer of the RPG xTools, a popular add-on subprocedure library for RPG IV. His book The Modern RPG Language has been the most widely used RPG programming book for nearly two decades. He, along with others, speaks at and runs the highly-popular RPG World conference for RPG programmers.
LATEST COMMENTS
MC Press Online