Java Mailing List Archive

http://www.gg3721.com/

Home » Hibernate Dev List »

Re: [hibernate-dev] core built-in encryption

Emmanuel Bernard

2013-03-04

Replies: Find Java Web Hosting

Author LoginPost Reply
Irrespective of this discussion, a single salt value for all you entries
is discouraged. It's better to have one salt value per entry. Some
algorithms even embed the salt in the encrypted value itself so that
everything is stored in a single column.

In an ideal world, you would keep the salts in a separate structure
altogether but the embedded salt per entry is a near second in case the
whole dataset is being brute forced.

Emmanuel

On Mon 2013-02-25 13:15, Brett Meyer wrote:
> Have encryption capabilities in ORM ever been considered? There are a few 3rd party libraries, like Jasypt, providing UserTypes to handle encryption behind the scenes. Even basic support for an @Encrypt annotation, hashing, and configurable salt values would be helpful.
>
> Brett Meyer
> Red Hat Software Engineer, Hibernate
>
> _______________________________________________
> hibernate-dev mailing list
> hibernate-dev@(protected)
> https://lists.jboss.org/mailman/listinfo/hibernate-dev
_______________________________________________
hibernate-dev mailing list
hibernate-dev@(protected)
https://lists.jboss.org/mailman/listinfo/hibernate-dev
©2008 gg3721.com - Jax Systems, LLC, U.S.A.