Link to home
Create AccountLog in
Avatar of PDSWSS
PDSWSS

asked on

What FIPS compliant options are available to encrypt an MS Access 2000 database?

I need to encrypt (FIPS compliant) an MS Access 2000 database (Windows Server 2003 - File Share) so it can be decrypted by remote clients (XP).  I have not been able to successfully deploy EFS with these databases and am now  looking for alternative solutions. Are there any that you would suggest?

Thanks
Avatar of Jeffrey Coachman
Jeffrey Coachman
Flag of United States of America image

PDSWSS,

As I stated in your previous post:
Look into PGP:
http://www.pgp.com/newsroom/mediareleases/2005/momentum.html

JeffCoachman
Hmm. the PGP SDK *is* FIPS compliant, but is a C library; it may be problematic to call from Access (I haven't seen any guides to calling the library from VBA, but perhaps the company will provide you with some if you are willing to pay for their sdk)

OpenSSL is even worse - you have to compile the FIPS version yourself, and even then (again) its a C library. I would seriously suggest avoiding this unless you have a developer on-staff who could compile it for you.

EBCrypt is basically a activex wrapper around openssl, but its the full (not FIPS) version so does not in itself contain a certified FIPS module. It may however be worthwhile contacting the author and asking if he could produce a version that uses the FIPS build of OpenSSL instead of the standard build. EBCrypt is probably the closest I know of to a VBA compatable FIPS library...

http://www.ebcrypt.com/
Avatar of PDSWSS
PDSWSS

ASKER

DaveHowe,  

EBCrypt sounds like an interesting option. It is 3DES compatible which is a FIPS compliant algorithm.

However, it concerns me that you say its "a ... around openssl."  I need to encrypt file shares. Isn't SSL
an algorithm used to encrypt web based data transported between connections?

In addition, because we only have a handful of people who need to decrypt-encrypt the Access db remotely and we all know each other- I wanted to use self-signed certificates which are generated with EFS. Any idea if the self-signed function exists with EBCrypt algorithms?  Thanks, Paul




DaveHowe,

Thanks for the clarification on PGP.
(I only knew that it was FIPS compliant)
;-)

JeffCoachman
ASKER CERTIFIED SOLUTION
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of PDSWSS

ASKER

DaveHowe,

I appreciate your very detailed explanation. I am not a programmer so what you have written is difficult for me to follow. That said I will award you the 500 points since you provided an in depth answer to my question. I had hoped to find an answer that would involve no or minimal code development. EFS could be deployed mostly with GUI but unfortunately couldn't get it to work with Access.

If there is no other software option that I can implement without extensive code development perhaps
a hardware encryption device may be an alternative.  Thanks