Re: Encryption

From: Anynomous (wipeout64_at_hotmail.com)
Date: 10/13/04


Date: Wed, 13 Oct 2004 14:26:27 GMT

Thanks this helps. It seems that using encrypting software may slow down the
app, but actually it may not if I'm able to only use it on the smaller code
files and am not locked into using it on all. I'll check these out.

"Rick Bean" <rgbean@unrealmelange-inc.com> wrote in message
news:OlU9PwSsEHA.2320@TK2MSFTNGP12.phx.gbl...
There is no native encryption for VFP DBF's, but you got a number of
options.

If you were encrypting the whole table, then one of the easiest and most
secure is Cryptor IV by Xitech (http://www.xitech-europe.co.uk/ ), but it is
a commercial product. They have a demo version to show how easy it is to
implement, and in my testing, there was very little overhead introduced on
all but the largest tables. I've used different versions in custom apps
under both FPW and VFP.

NetLib also has Encryptionizer (http://www.netlib.com), but I've never used
it.

One freeware solution to encryption is the CryptPak by Milan Kosina
(http://milan.jikos.cz/). Another is CIPHER50.FLL based on work by Tom
Rettig and available at the UT (http://www.universalthread.com/ ) in the
Download area.

VFP 7.0 & 8.0 have a Crypto API component in the Foundation Classes that
uses the MS API encryption.

And of course, if you are only encrypting fields you can always "roll your
own" - high powered encryption schemes are severely crippled when you use
short data strings, so your algorithm will be just as "secure".

VFP 7.0 & 8.0 also provide database events that make it easy to check when
files are opened, so you could implement a security scheme. However, if
someone choses to use a non-VFP way to open the tables (e.g. a Hex File
viewer), then this wouldn't be very effective.

If you really need data secuity, then you might want to consider using
MSDE/SQL Server as your data store and use VFP as a frontend to access the
data.

Rick

"Anonymous" <wipeout64@hotmail.com> wrote in message
news:c835bafc.0410121204.4eb0e48a@posting.google.com...
>I have an application where most tables are too large to wrap into the
> executable. It would make the executable too large. That's ok. So I
> only put my smaller tables in the executable and wrapped it into the
> exe so at least (I thought) people can't read my cross-reference files
> thus exposing my framework.
>
> I then deleted the tables from the hard drive because I thought they
> would be wrapped into the exe, but I get an error message upon
> execution that the file is not found. How can I hide my tables from
> people who own the professional version FoxPro? Someone actually asked
> me which files are the cross reference files and even explained why
> they wanted to know!



Relevant Pages

  • Re: Encryption
    ... There is no native encryption for VFP DBF's, but you got a number of options. ... > exe so at least people can't read my cross-reference files ... > execution that the file is not found. ...
    (microsoft.public.fox.vfp.queries-sql)
  • Re: AES timing attack immunity -- status report
    ... What he measures is the TOTAL time for encryption of the chosen ... how does one go about to determine the execution time of the ... opponent has the capability to modify some code of the user, ... chosen plaintext), I would think. ...
    (sci.crypt)
  • Re: Securing data to a process principal
    ... reasonable controls that protect against "casual" abuse. ... hooks into your encryption function) and you cannot prevent an admin using ... The RM analyst also uses an app that has an embedded obfuscated key (I'll ... where the secret is stored in the registry. ...
    (microsoft.public.platformsdk.security)
  • Re: Securing data to a process principal
    ... The RM analyst also uses an app that has an embedded obfuscated key (I'll ... where the secret is stored in the registry. ... can use a login context of the app ID itself as the encryption key as I've ... application should be able to decrypt data on another computer. ...
    (microsoft.public.platformsdk.security)
  • Re: Securing data to a process principal
    ... Yes, you can protect against ... The RM analyst also uses an app that has an embedded obfuscated key (I'll ... where the secret is stored in the registry. ... encryption would be done with a key that was associated with the app ID. ...
    (microsoft.public.platformsdk.security)