Simply stated, data encryption equates to data privacy. A malicious user can use a network sniffer to eavesdrop on network traffic. Without encryption, she can collect the network data in a readable form as it is transmitted. If the data is encrypted using the RSA or DES cryptographic algorithms, it can still be collected, but it will be unreadable. Data encryption must be enabled, or requested, by both the client and the server for it to be used when a new connection is created.
To enable data encryption on the server, you need to set the SQLNET.ENCRYPTION_SERVER and SQLNET.ENCRYPTION_TYPES_SERVER parameters in your server’s sqlnet.ora file. The syntax for setting these parameters is:
SQLNET.ENCRYPTION_SERVER = [REJECTED | ACCEPTED | REQUESTED | REQUIRED] SQLNET.ENCRYPTION_TYPES_SERVER = (type[,type...]) type ::= [DES40 | RC4_40 | DES | RC4_56 | RC4_128]
which breaks down as:
Specifies the server’s preference for whether encryption is used when new connections are made. The following are valid values:
The server does not support encryption. Connections from clients requesting encryption will be refused.
The server will accept a request from the client to support encryption.
The server will request encryption from the client.
The server requires encryption. If the client cannot support encryption, then the connection will be refused.
Specifies the ...