FCBCrypto software provides inexpensive row level data encryption for Oracle database Enterprise and Standard Edition 11g, 12c, 18c, 19c and 21c versions, where Oracle Advanced Security option is not available or too expensive.

Key features

  • Row level encryption
  • SQL and PL/SQL data types supported
  • AES 128|192|256 encryption technique for string, lob, bfile (on UNIX like OS including check sum) and raw data types
  • Modified One-time pad encryption technique for number and date data types
  • Data compression for string, lob and raw data types
  • USB Security Token supported on Linux platforms
  • Main code is written in PL/SQL language. External modules are written in C/JAVA languages
  • Single and multi-byte char sets supported
  • All editions of Oracle 11g (excepting XE), 12c, 18c, 19c and 21c database (including multitenant container databases) supported
  • UNIX like operating systems (Linux, AIX, Solaris) and Windows supported
  • DBaaS  compatible
  • Unauthorized execution prevention
  • Tamper-proofing
  • External database key storage. No any keys stored within constant database objects
  • Database key operations performed in-memory only
  • Centralized in-memory database key management
  • Lightweight, fast and reliable
  • Easy UNIX textual installation wizard

Please see installation and user guides below for more details.

How it works

Database in-memory context is filled out by cryptographic related information from a predefined table, an operating system key file and an USB security token (Linux only). PL/SQL package provides predefined interface decryption/encryption functions for every SQL or PL/SQL data types. In case of need the PL/SQL package performs preliminary data compression. Before encryption or decryption actions the PL/SQL package reads cryptographic information from the database in-memory context. Data go through the PL/SQL package. Data are encrypted or decrypted, compressed or decompressed and returned back. See, please more details in downloadable guides below.

License

Starting from 21.5.461 release FCBCrypto is a free closed source software

Note

1.2.398 release and lower can’t be used as a part of materialized views or virtual columns.

What’s new

  • Jan 23, 2022. 21.5.461 version released
    • Oracle 21c support
    • Windows installation package is not provided anymore
    • License changes: FCBCrypto software is a free closed source software now
  • Nov 19, 2019. 423 build released
    • Oracle 19c support
    • Performance improvements, i.e. all decryption functions are deterministic now
    • Materialized view and virtual column restriction removed
  • Feb 17, 2019. 398 build was validated against Oracle Database as a Service (DBaaS) and there are three cases of FCBCrypto usage:
    • 1-st case is a migration from on-premises database to the cloud. In this case if you use USB Security Token Encryption feature you should understand this feature looses functionality total, because Oracle DBaaS is a cloud service, i.e. there is no way to insert any customer provided USB device wherever. This means if your Oracle DBaaS target is a bare metal or virtual machine database system you will have full FCBCrypto functionality for Linux, excluding USB Security Token Encryption.
    • 2-nd case is a fresh FCBCrypto installation in Oracle DBaaS. FCBCrypto was successfully tested, i.e. installed and worked, on a database created via “Get Started Oracle Cloud Platform for Free” program. This means if your Oracle DBaaS target is a bare metal or virtual machine database system you will have full FCBCrypto functionality for Linux, excluding USB Security Token Encryption.
    • 3-rd case. Autonomous Transaction Processing or Autonomous Data Warehouse cloud service. Please, get in contact with me to get consulting.
  • Nov 2, 2018. 398 build supports Oracle 18c Express Edition
  • Aug 11, 2018. 398 build released:
    • Unauthorized execution prevention
    • Tamper-proofing
  • Jun 17, 2018. 214 build released:
    • Oracle 18c support
    • More PL/SQL code protection to prevent reverse engineering

Downloads

Found a bug? Please use this link to report.

Questions? Propositions? Comments? Let me know what you think via email