FIPS Support in SAP Sybase IQ

SAP Sybase IQ supports Federal Information Processing Standards (FIPS)-approved encryption technology. FIPS is supported on all platforms supported by SAP Sybase IQ.

The main effect of FIPS support in SAP Sybase IQ is that encryption can be nondeterministic; this is the default behavior. A nondeterministic algorithm produces different output each time it is given the same input, so encrypting the same string with the same key yields a different encrypted string each time. The algorithm can still decrypt the nondeterministic result using the key. Because identical inputs do not produce identical encrypted output, analyzing the encryption algorithm is more difficult, and the encryption is more secure.
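
The behavior described above, as an added example that is not part of the original documentation and is not SAP code: a Python sketch in which a random per-message nonce makes the same key and string encrypt differently on every call while still decrypting correctly. The HMAC-SHA256 keystream is a stand-in chosen for illustration, not the algorithm SAP Sybase IQ uses, and all names, keys and values are constructed.

```python
import hashlib
import hmac
import os
from typing import Optional

NONCE_LEN = 16  # per-message random value, stored in front of the ciphertext


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in keystream: HMAC-SHA256(key, nonce || counter), block by block."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes, nonce: Optional[bytes] = None) -> bytes:
    """Nondeterministic by default: every call draws a fresh random nonce."""
    if nonce is None:
        nonce = os.urandom(NONCE_LEN)
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be NONCE_LEN bytes")
    stream = _keystream(key, nonce, len(plaintext))
    # The nonce is not secret; it travels with the ciphertext so decrypt() can
    # rebuild the same keystream. No integrity tag is added in this sketch.
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """Split off the stored nonce, regenerate the keystream, and undo the XOR."""
    if len(ciphertext) < NONCE_LEN:
        raise ValueError("ciphertext shorter than the nonce")
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


def compare_modes(key: bytes, value: bytes) -> dict:
    """Encrypt the same value twice in each mode and report what an observer sees."""
    r1, r2 = encrypt(key, value), encrypt(key, value)
    fixed = bytes(NONCE_LEN)  # reusing one nonce makes the scheme deterministic
    d1, d2 = encrypt(key, value, fixed), encrypt(key, value, fixed)
    return {
        "nondeterministic_ciphertexts_equal": r1 == r2,  # False
        "deterministic_ciphertexts_equal": d1 == d2,     # True: repeats are visible
        "all_decrypt_to_value": all(decrypt(key, c) == value for c in (r1, r2, d1, d2)),
    }
```

Because equal plaintexts no longer yield equal ciphertexts, equality tests on nondeterministically encrypted values have to be made after decryption.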

Support of FIPS is part of the separately licensed SAP Sybase IQ Advanced Security Option.

Both RSA and FIPS security are included with SAP Sybase IQ. RSA encryption requires no separate libraries, but FIPS requires two optional libraries: dbfips11.dll and sbgse2.dll. The library sbgse2.dll is provided by Certicom. Both security models require certificates. The rsaserver certificate is named rsaserver.id.

FIPS also requires this registry setting, which is set automatically by the SAP Sybase IQ installation utility:

[HKEY_LOCAL_MACHINE\SOFTWARE\Certicom\libsb]
"expectedtag"=hex:5b,0f,4f,a6,e2,4a,ef,3b,44,07,05,2e,b0,49,02,71,1f,d9,91,b6