VistaDB 6
VistaDB / Why VistaDB? / Why VistaDB - Encryption
In This Topic
    Why VistaDB - Encryption
    In This Topic

    VistaDB offers strong, FIPS-compliant encryption without compromising its legendary ease of deployment.  All you have to do is specify that the database should be encrypted and provide a decryption key (password).  When you subsequently want to access the database (for its data or schema) you provide the same key.

    How The Database is Encrypted

    When encryption is enabled, every block of schema information and data is encrypted using AES256.  It's decrypted into memory then automatically re-encrypted when it has to be written out.  This encryption even applies to temporary files and maintenance activities so temp indexes, temporary tables, and working files used to repair or pack the database are all encrypted.

    If your application uses .NET 4.0 or later and the VistaDB Engine for .NET 4.0 then the CAPI provider for AES256 is used which is FIPS-compliant.  For compatibility with older operating systems and versions of .NET the VistaDB Engine for .NET 2.0 uses a managed (.NET) version of AES that is binary-compatible with the FIPS-compliant version.  Both of these cryptographic protocols are maintained by Microsoft as part of either the .NET Framework or Windows and are not proprietary to VistaDB.

    Encrypting and Decrypting an Existing Database

    If you want to change the encryption on a database - either to convert it from plain to encrypted, encrypted to plain, or change the encryption password - the process is the same.  You pack the database and provide the relevant existing password or new password.  The entire database file is rewritten from the current encryption form to the requested encryption form.  For more information, see How To - Pack a Database.

    Recovering an Encrypted Database Without the Password

    There is no way to access an encrypted database without the password.  There is no built-in back door, key retrieval system, or other mechanism to allow the developers of VistaDB to access the database without the password.

    If the password for an encrypted database is lost, the datababse is not recoverable, even by VistaDB Support.
    See Also