Gerard Freriks wrote:
>
> Yhink once, think twice if we really want to encrypt information databases.
> As set algoritms change, but more importantly keys change, have to change.
> As do keylenght's.
> And don't forget that people loose keys.
>
> Adding all together I'm against encryption in databases.
>
As much as I like cool technology like encryption, you are absolutely
right, the long term viability is very much in doubt. Now one can argue
that as things move on, backward compatibility can be maintained
(especially if we use open systems). However, that is not adequate for
the following reason: The premise behind encryption was to keep
something secure. IF technology moves on and that algorithm or key
length is no longer secure, to maintain the premise we have to migrate
the data to the new scheme.
So this means that by encrypting data, we are assuming the task of
continual re-encryption as technology moves forward.
