Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Possible to use SHA-3 for encrypting database data?

Status
Not open for further replies.
snoopy6129

snoopy6129

MIS
Mar 26, 2001
17
US
We are working with a vendor that will be in custody of some of our business data (e.g., customer contact info, products purchased, payment info, and similar). To get a sense of how our data will be protected, I asked a few questions about data encryption and data backup. When I asked i asked if our data will be stored encrypted, they said 'yes' and they do so using SHA-3.

I am not an expert, but I feel I know enough to sense that this doesn't sound right. My understanding is the SHA is a hashng function and that SHA-3 hasn't been ratify yet.

Before I go back to my vendor to question them about this, I would those familiar with this to comment about what I researched and determined. If I am missing something or I am wrong, please let me know.

Much appreciated. Thank you in advance.
 
Sort by date Sort by votes
The way I've always understood it, a hash value is to prove that a set of data has not been modified or corrupted from its original value. For example, you want to download a fun free game from the internet. They give you a hash value for the EXE installer. You find a site to download it. You could compare the hash value that they give (from the real unadulterated file) with one for the file that you actually download.

If they are different, then the file is not what it should be - intentionally or accidentally changed.

So for backup, this would be a way of verifying that what they have in storage or going into their storage is YOUR data in good condition.

Encryption of your data before it leaves your premises is what you should be asking about. Maybe you're talking to the wrong person or maybe this company doesn't know enough to be in charge of your data.

For example, Mozy uses 448-bit encryption on data before it leaves my computer so as to be "un-hackable" on its way to their servers.

Make sense?? Be wary of using these people if they can't give you good answers. It's ONLY your data.
 
Upvote 0 Downvote
Thank goombawaho. Yes, it makes sense. I appreciate your input. It helps me validate my concern..
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

anil5555
  • Locked
  • Question
Networker in HA ( High availability ) for DR
Replies
0
Views
476
anil5555
anil5555
Martha_SysAdm
  • Locked
  • Question
Which hardware and software can i consider for Backup and Disaster recovery 1
Replies
3
Views
667
goombawaho
goombawaho
Martha Sipe
  • Locked
  • Question
thread528-1602310 Wanted to talk a
Replies
1
Views
516
LucilleWJarrett
LucilleWJarrett
BungleBear
  • Locked
  • Question
Arcserve - Sharepoint Online
Replies
0
Views
430
BungleBear
BungleBear
Robert Lee
  • Locked
  • Question
Rubber roller of Onstream drives have turned to goo in 2020.
Replies
7
Views
808
edfair
edfair

Part and Inventory Search

Sponsor

Back
Top