<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
<p>I have been trying out the encryption functions in version 5.6. Using a couple of screens, a small customer file, a control file (to simulate access to key values), and an input table of about 30 lines for the customer file, I've created a small application that will capture, amongst other things, SS# and CC#. For these two fields I encrypt, then store them when adding a record. For viewing the record from clerk these fields can only be viewed in a masked unencrypted form (using dummy fields). I also provided a way for the operator to update these fields, but they must enter the correct admin password via inputpw popup to switch screens and gain access to these fields again for update.</p>
<p>All of this works fine I think. Well, I should say that the interface is working the way I had intended. What I am curious about is the use and results of the encryption function. Here is what I don't understand:</p>
<br>
<p>If I follow the example in the online manual, but substitute the method with "AES" and use a constant 16-char key, and do not supply a nonce value, and after F8 is pressed also show the value of the nonce supplied by clerk via getnonce(), I get a different nonce value each time I press F8 - and this is while I am in update mode in the field to be encrypted - all on the same record during the same update session. This did not surprise me as the documentation states [under "GETNONCE()"]:</p>
<p><font style="font-size: 11pt;">---<br>
After a call to ENCRYPT(), you can call GETNONCE() to get the "nonce" that was used. [..] If "nonce" is not specified, filePro generates one.<br>
---</font></p>
<p><font style="font-size: 11pt;">What surprised me was when I called encrypt() and then getnonce() twice while saving a record (when operator keys ESC ESC):</font></p>
<p><font style="font-size: 11pt;">Then 6=encrypt(ea,"AES",kkk(1));
4=getnonce()<br>
Then 7=encrypt(eb,"AES",kkk(2)); 5=getnonce()<br>
</font></p>
<p><font style="font-size: 11pt;">(to encrypt both SS &amp; CC numbers). In this case, the nonce values generated and stored into fields 4 and 5 were identical. I'm sure if I need to I can use various things to further randomize subsequent nonces, but is this correct behavior for filepro to generate only one nonce value here after another encrypt function has been called?</font></p>
<p><font style="font-size: 11pt;">The documentation goes on to say that "Many consider it important to use a unique nonce with each piece of data encrypted." I've not done this, so with regard to that statement and in consideration of the latter behavior I described above, I'm wondering if it is sufficient to use a single nonce value for all fields to be encrypted within one record, or if you should have a separate nonce value for each field.</font></p>
<p><font style="font-size: 11pt;">Maybe some clarity would help others trying to use these functions. That is:</font></p>
<p><font style="font-size: 11pt;">1. exactly what conditions trigger a new nonce value to be created by clerk, and</font></p>
<p><font style="font-size: 11pt;">2. is it recommended that a new nonce value be used with each field in each record that is to be encrypted or is it sufficient to just get a new value for each record.</font></p>
<p><font style="font-size: 11pt;">Bruce<br>
<br>
</font></p>
<p><font style="font-size: 11pt;">Bruce Easton<br>
STN, Inc.<br>
</font></p>
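<p>The question of one nonce per record versus one per field has a concrete answer for any counter or stream style mode: if two values are encrypted under the same key and the same nonce, the XOR of the two ciphertexts equals the XOR of the two plaintexts, so the stored SS# and CC# fields reveal their relationship to anyone who reads the file, without the key. The Go program below is an added illustration, not filePro code and not a statement of which AES mode filePro's encrypt() uses (that is an assumption made only to demonstrate the general principle with Go's standard library AES-CTR). It shows the keystream cancelling when a nonce is shared between two fields, shows that a distinct nonce per field prevents it, and shows the safe storage pattern: draw a fresh random nonce for every field and store it next to that field's ciphertext. The key and the sample field values are constructed for the demonstration.</p>

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// demoKey is a constructed 16-byte (AES-128) key used only for this demonstration.
var demoKey = []byte("0123456789abcdef")

// EncryptedField is what must be stored for each encrypted value: the nonce
// beside the ciphertext, because the same nonce is needed to decrypt later.
type EncryptedField struct {
	Nonce      []byte
	Ciphertext []byte
}

// ctrXOR runs AES-CTR over data with the given 16-byte nonce as the initial
// counter block. Encryption and decryption are the same operation in CTR mode.
func ctrXOR(key, nonce, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(nonce) != block.BlockSize() {
		return nil, errors.New("nonce must be exactly one AES block (16 bytes)")
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, nonce).XORKeyStream(out, data)
	return out, nil
}

// freshNonce draws a new random 16-byte nonce; one is drawn per field.
func freshNonce() ([]byte, error) {
	n := make([]byte, aes.BlockSize)
	if _, err := io.ReadFull(rand.Reader, n); err != nil {
		return nil, err
	}
	return n, nil
}

// EncryptField encrypts one field under a fresh nonce and returns both parts.
func EncryptField(key, plaintext []byte) (EncryptedField, error) {
	nonce, err := freshNonce()
	if err != nil {
		return EncryptedField{}, err
	}
	ct, err := ctrXOR(key, nonce, plaintext)
	if err != nil {
		return EncryptedField{}, err
	}
	return EncryptedField{Nonce: nonce, Ciphertext: ct}, nil
}

// DecryptField recovers the plaintext from a stored nonce/ciphertext pair.
func DecryptField(key []byte, f EncryptedField) ([]byte, error) {
	return ctrXOR(key, f.Nonce, f.Ciphertext)
}

// xorPrefix XORs a and b over their common prefix.
func xorPrefix(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := 0; i < n; i++ {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// KeystreamCancels encrypts pt1 under nonce1 and pt2 under nonce2 and reports
// whether ct1 XOR ct2 equals pt1 XOR pt2. That holds exactly when both fields
// were masked with the same keystream (nonce reused), and it means the stored
// ciphertexts alone expose how the two plaintexts relate. With distinct nonces
// the keystreams differ and the check fails.
func KeystreamCancels(key, nonce1, nonce2, pt1, pt2 []byte) (bool, error) {
	ct1, err := ctrXOR(key, nonce1, pt1)
	if err != nil {
		return false, err
	}
	ct2, err := ctrXOR(key, nonce2, pt2)
	if err != nil {
		return false, err
	}
	return bytes.Equal(xorPrefix(ct1, ct2), xorPrefix(pt1, pt2)), nil
}

func main() {
	ss := []byte("123-45-6789")      // constructed sample SS#
	cc := []byte("4111111111111111") // constructed sample CC#
	shared := bytes.Repeat([]byte{0x42}, aes.BlockSize)
	other := bytes.Repeat([]byte{0x43}, aes.BlockSize)

	leak, _ := KeystreamCancels(demoKey, shared, shared, ss, cc)
	safe, _ := KeystreamCancels(demoKey, shared, other, ss, cc)
	fmt.Printf("same nonce for both fields: relation leaks=%v\n", leak)
	fmt.Printf("distinct nonce per field:   relation leaks=%v\n", safe)

	f, _ := EncryptField(demoKey, ss)
	back, _ := DecryptField(demoKey, f)
	fmt.Printf("stored nonce %x, round trip ok=%v\n", f.Nonce, bytes.Equal(back, ss))
}
```

<p>The practical reading for the record layout in the post: field 4 and field 5 should each hold their own nonce, taken right after the encrypt() call that produced the matching ciphertext, and a nonce should never be carried over from one encrypt() call to the next. Whether a reused nonce leaks as directly as shown here depends on the mode behind filePro's "AES" method, which the documentation quoted above does not state; the one-nonce-per-encryption rule is the safe choice under every mode.</p>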
</body>
</html>