资讯

精准传达 • 有效沟通

从品牌网站建设到网络营销策划,从策略到执行的一站式服务

撒点盐Salt

Salt is a way to strengthen the security of encrypted data. It is a random string added to the data before it is encrypted, causing repetition of text in the clear to appear different when encrypted. Salt thus removes one method attackers use to steal data, namely, matching patterns of encrypted text.


To add or remove salt from encrypted columns, you again use the ALTER TABLE MODIFY command with either the SALT or NO SALT parameter specified with the ENCRYPT clause. Example 3-3 and Example 3-4 illustrate such commands.


Example 3-3 Adding Salt to an Encrypted Column


ALTER TABLE employee MODIFY (first_name ENCRYPT SALT);
Example 3-4 Removing Salt from an Encrypted Column


ALTER TABLE employee MODIFY (first_name ENCRYPT NO SALT);
To remove salt from an encrypted column before indexing it, use the syntax shown in Example 3-4. This command also re-encrypts the data.




Creating a Table with an Encrypted Column Using a Non-Default Algorithm and No Salt
By default, transparent data encryption adds salt to cleartext before encrypting it. This makes it harder for attackers to steal the data through a brute force attack.


However, if you plan to index the encrypted column, you must use NO SALT. Example 3-6 shows how to specify the NO SALT parameter with the SQL ENCRYPT clause (empID NUMBER ENCRYPT NO SALT). It also shows the syntax for specifying a different encryption algorithm (salary NUMBER(6) ENCRYPT USING '3DES168'). Note that the string which specifies the algorithm must be enclosed in single quotation marks.


Example 3-6 Creating a New Table with an Encrypted Column Using 3DES168 and NO SALT


CREATE TABLE employee (
     first_name VARCHAR2(128),
     last_name VARCHAR2(128),
     empID NUMBER ENCRYPT NO SALT,
     salary NUMBER(6) ENCRYPT USING '3DES168'
);

网站标题:撒点盐Salt
本文来源:http://cdkjz.cn/article/ppgdse.html
多年建站经验

多一份参考,总有益处

联系快上网,免费获得专属《策划方案》及报价

咨询相关问题或预约面谈,可以通过以下方式与我们联系

大客户专线   成都:13518219792   座机:028-86922220