All About Encryption
Encryption Overview

• Two main types we are concerned with
    –   Data in motion, over the network
    –   Data at rest, datafiles, backups, redo, exports
• We will be concentrating on data at rest

• Question & Discussion:
    –   What is the goal behind encrypting data?
    –   Why do we do it?
    –   What doesn’t it do for us? What can it NOT protect us
        from?
Encryption Overview

• Encrypting data in motion is easily done with SQL*Net and
  ASO (Advanced Security Option)
   –   Network traffic entirely encrypted, snoop proof
   –   Encrypted checksum as well – to prevent “replay”
       attacks (e.g., let’s do that bank transfer twice)
   –   And to prevent modification (e.g., let’s change the
       leading 1 to a 9 in that transaction)
Encryption Overview
• Data at rest options…

    –   DBMS_OBFUSCATION_TOOLKIT
         • 8i-9iR2
         • Would not use this anymore
         • Will not talk about it beyond this slide
         • Let’s have a quick talk about wrapper packages…
    –   DBMS_CRYPTO
         • 10gR1 and above
         • Would not use this unless I had to (because of the next two
           bullets)
    –   Column Level Encryption
         • 10gR2 and above (ASO)
    –   Tablespace Encryption
         • 11gR1 and above (ASO)
DBMS_CRYPTO

• Encrypt/Decrypt data procedurally
   –   DES, 3DES
   –   AES
   –   RC4
• Hash functions
   –   MD5, SHA-1, MD4
   –   Can use secret key as well
• Random functions
   –   Raw keys
   –   Numbers and integers as well
DBMS_CRYPTO

• The major problem – KEY MANAGEMENT
   –   Do you store the key in the application?
        • How do you secure it there?
        • You need to retrieve it and transmit it
   –   Do you store the key in the database?
        • If I steal your database, I have your keys
        • You will have code that retrieves the key, I will find
          out how
   –   There are no good answers to this problem.
DBMS_CRYPTO

• API driven.
• You code it, definitely not transparent.
• Definite performance impact (compared to column and/or
  tablespace encryption)
• Supports as inputs
    –   RAW
    –   CLOB
    –   BLOB
• And always returns binary output
    –   You will use BLOB or RAW to store
    –   If you use VARCHAR2, round the length up to a multiple of 16,
        double it, and RAWTOHEX or base64 encode the data.
    –   Discuss legacy obfuscation toolkit and varchar2 flaw
DBMS_CRYPTO

• Simple Examples
   –   Input raw after converting
   –   Specify typ – the stream or block cipher type. Block
       cipher is what we use for storing data persistently
   –   Key – the encryption key
   –   Use varchar2 interface and the CLOB
• Performance
   –   What impact will this have? (it will be different for
       everyone)
   –   How to measure it?
   –   Scripts: Encrypt1.sql, Encrypt2.sql, Encrypt3.sql
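
The calls named on the last two DBMS_CRYPTO slides, as an added PL/SQL example (not from the original deck or its Encrypt*.sql scripts): convert VARCHAR2 to RAW, encrypt with a block-cipher typ, hex-encode for VARCHAR2 storage, and report the sizes. With PKCS#5 padding an input that is already a multiple of 16 bytes still gains one full block, which the 16-byte case shows. Assumptions: the key is generated inline only so the block runs (it does nothing about the key management problem above), the character set is AL32UTF8, and the procedure name demo is hypothetical.

```sql
-- Added example, not part of the original slides.
-- Needs EXECUTE on DBMS_CRYPTO. SET SERVEROUTPUT is a SQL*Plus/SQLcl command.
SET SERVEROUTPUT ON

DECLARE
  -- typ = cipher + chaining mode + padding (block cipher, for data stored persistently)
  c_typ CONSTANT PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES256
                              + DBMS_CRYPTO.CHAIN_CBC
                              + DBMS_CRYPTO.PAD_PKCS5;

  -- Constructed demo key (assumption): a real system must obtain the key
  -- from wherever its key management keeps it, not generate it per run.
  l_key RAW(32) := DBMS_CRYPTO.RANDOMBYTES(32);

  -- Hypothetical helper: encrypt one value, hex-encode it, decrypt it again,
  -- and print the sizes a VARCHAR2 column would have to hold.
  PROCEDURE demo(p_plain IN VARCHAR2) IS
    l_iv   RAW(16) := DBMS_CRYPTO.RANDOMBYTES(16);  -- fresh IV for every value
    l_src  RAW(2000);
    l_enc  RAW(2016);
    l_hex  VARCHAR2(4032);
    l_back VARCHAR2(2000);
  BEGIN
    -- DBMS_CRYPTO works on RAW, so convert the string first
    l_src := UTL_I18N.STRING_TO_RAW(p_plain, 'AL32UTF8');

    l_enc := DBMS_CRYPTO.ENCRYPT(src => l_src,
                                 typ => c_typ,
                                 key => l_key,
                                 iv  => l_iv);

    -- Output is binary; hex-encode it if it must live in a VARCHAR2 column
    l_hex := RAWTOHEX(l_enc);

    -- Round trip: decode, decrypt with the same typ, key and IV, convert back
    l_back := UTL_I18N.RAW_TO_CHAR(
                DBMS_CRYPTO.DECRYPT(src => HEXTORAW(l_hex),
                                    typ => c_typ,
                                    key => l_key,
                                    iv  => l_iv),
                'AL32UTF8');

    IF l_back IS NULL OR l_back <> p_plain THEN
      RAISE_APPLICATION_ERROR(-20001, 'round trip failed');
    END IF;

    DBMS_OUTPUT.PUT_LINE(
         'plain bytes='  || UTL_RAW.LENGTH(l_src)
      || '  cipher bytes=' || UTL_RAW.LENGTH(l_enc)
      || '  hex chars='    || LENGTH(l_hex)
      || '  (+' || UTL_RAW.LENGTH(l_iv) || ' bytes of IV to store alongside)');
  END demo;
BEGIN
  -- Constructed sample values on either side of the 16-byte block boundary
  demo(RPAD('A', 15, 'A'));
  demo(RPAD('A', 16, 'A'));
  demo(RPAD('A', 17, 'A'));
END;
/
```

The IV is not secret but is needed to decrypt, so it has to be stored with each value and counted when sizing the column.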
