VistaDB 5
Gibraltar VistaDB > Why VistaDB? > Why VistaDB - Encryption
Why VistaDB - Encryption

VistaDB offers strong, FIPS-compliant encryption without compromising its legendary ease of deployment.  All you have to do is specify that the database should be encrypted and provide a decryption key (password).  When you subsequently want to access the database (for its data or schema) you provide the same key.

How The Database is Encrypted

When encryption is enabled, every block of schema information and data is encrypted using AES128.  It's decrypted into memory then automatically re-encrypted when it has to be written out.  This encryption even applies to temporary files and maintenance activities so temp indexes, temporary tables, and working files used to repair or pack the database are all encrypted.

If your application uses .NET 4.0 or later and the VistaDB Engine for .NET 4.0 then the CAPI provider for AES 128 is used which is FIPS-compliant.  For compatibility with older operating systems and versions of .NET the VistaDB Engine for .NET 2.0 uses a managed (.NET) version of AES that is binary-compatible with the FIPS-compliant version.  Both of these cryptographic protocols are maintained by Microsoft as part of either the .NET Framework or Windows and are not proprietary to VistaDB.

Encrypting and Decrypting an Existing Database

If you want to change the encryption on a database - either to convert it from plain to encrypted, encrypted to plain, or change the encryption password - the process is the same.  You pack the database and provide the relevant existing password or new password.  The entire database file is rewritten from the old encryption form to the new.

Recovering an Encrypted Database WIthout the Password

There is no way to access an encrypted database without the password.  There is no built-in back door, key retrieval system, or other mechanism to allow the developers of VistaDB to access the database without the password.  If the password is lost, the database is inaccessible forever.

See Also