dhis2-users team mailing list archive

Re: [Dhis2-devs] dhis and encryption

 

Hi Lars

Quick question. I see a lot of people are happily upgrading to 2.16, but I'm
not so sure everyone has read the note as they should.

If the system is started without an encryption password set and it is set
later, what will that mean? I'm guessing there will be no problem unless
something has already been encrypted.

What is the system-provided, fixed password? Is it randomly generated or
actually fixed somewhere as a string in the Java code?

Bob


On 26 July 2014 17:41, Lars Helge Øverland <larshelge@xxxxxxxxx> wrote:

> Hi,
>
> in 2.16 we have slowly introduced encryption of database content, so far
> just for the password used for remote data synchronization
> <https://www.dhis2.org/doc/snapshot/en/user/html/ch22s17.html>. We plan
> to build on this in the near future by encrypting "confidential" attribute
> values for tracker (person data).
>
> For the encryption/decryption process to work, a password (key) is needed to
> keep things secure. All you have to do is to set a new property in the
> hibernate.properties configuration file:
>
> encryption.key = xxxx
>
> where xxxx is the password. Some aspects to take into consideration:
>
> - The password must not be changed once it has been set and data has been
> encrypted as existing data can then no longer be decrypted.
>
> - Keep your password safe - if the password is lost, then data which has
> been encrypted by the system so far is lost, too.
>
> - If the database is copied to another server the encryption password must
> be identical. Otherwise the system will not be able to decrypt existing
> data.
>
> - Remember to set a strong password of at least 8 characters with random
> characters.
>
> - A system-provided, fixed password will be used if not set in the
> configuration file; this can, however, not be considered secure.
>
> These points have been written up in the installation chapter here
> <https://www.dhis2.org/doc/snapshot/en/implementer/html/ch08s02.html#d5e505>.
> It is also mentioned in the upgrade notes
> <https://www.dhis2.org/2.16-upgrade>.
>
> regards,
>
> Lars
>

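Added example, not part of the original messages and not DHIS2's own code: a small Python check of `hibernate.properties` against the points in the announcement above (key set, at least 8 characters, identical key on two servers). The sample file contents, the character-variety heuristic and the fingerprint label are constructed for illustration, and line continuations in property files are not handled.

```python
import hashlib
import re

MIN_LENGTH = 8  # "at least 8 characters" from the announcement

def read_properties(text):
    """Parse simple key=value / key:value lines; '#' and '!' start comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        match = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if match:
            props[match.group(1)] = match.group(2)  # last definition wins
    return props

def audit_key(text):
    """Return findings for the encryption.key setting; an empty list means ok."""
    key = read_properties(text).get("encryption.key", "")
    if not key:
        return ["encryption.key not set: system-provided fixed password is used"]
    findings = []
    if len(key) < MIN_LENGTH:
        findings.append(f"key is shorter than {MIN_LENGTH} characters")
    if len(set(key)) < 5:  # constructed heuristic, not a DHIS2 rule
        findings.append("key has little character variety")
    return findings

def key_fingerprint(text):
    """Slow, truncated digest for comparing the key on two servers
    without copying the key itself into a ticket or chat."""
    key = read_properties(text).get("encryption.key", "")
    label = b"dhis2-key-compare"  # constructed label, must match on both sides
    return hashlib.pbkdf2_hmac("sha256", key.encode(), label, 200_000)[:6].hex()

# Constructed sample files, not taken from any real installation.
UNSET = "hibernate.connection.username = dhis\n# encryption.key = xxxx\n"
WEAK = "encryption.key = xxxx\n"
SERVER_A = "encryption.key = q7#Lw2!vZr9@Tm4x\n"
SERVER_B = "encryption.key: q7#Lw2!vZr9@Tm4x\n"

if __name__ == "__main__":
    for name, text in [("unset", UNSET), ("weak", WEAK), ("server A", SERVER_A)]:
        print(name, "->", audit_key(text) or "ok")
    same = key_fingerprint(SERVER_A) == key_fingerprint(SERVER_B)
    print("same key on both servers:", same)
```

Running the fingerprint comparison before restoring a database copy on another server shows a key mismatch before any decryption fails.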