Encryption and obfuscation

By default, the data in a new UltraLite database is not encrypted. By specifying appropriate database creation parameters, the database may be created with strong encryption or with simple obfuscation. Obfuscation is a very weak form of keyless encryption that is only intended to prevent casual observation of the data in the database (with a low-level file examination utility for example).

Encryption

To create a database with strong encryption, specify an encryption key when creating the database using Sybase Central or specify the encryption key in the creation parameters if the database is created by calling ULCreateDatabase or using the ulcreate utility. To be effective, the encryption key should contain a combination of characters, numbers, and special symbols. Using a long encryption key reduces the chances of someone guessing the key.

Once a database is encrypted, the encryption key cannot be recovered. Access to the database is completely lost unless the proper encryption key is specified. Encryption keys should be treated as sensitive information and archived appropriately.

See UltraLite DBKEY connection parameter.

You can change the encryption key for an existing UltraLite database by applying a new encryption key with the Connection.ChangeEncryptionKey method.

See ULConnection class and ULConnectionParms class.

After the database is encrypted, connections to the database must specify the correct encryption key; otherwise, the connections fail.

Obfuscation

To obfuscate the database, specify obfuscate=y as a database creation parameter. For more information about database encryption and obfuscation parameters, see Choosing database creation parameters for UltraLite.