[EpiData-list] encryption fields in EpiData

epidata-list at lists.umanitoba.ca epidata-list at lists.umanitoba.ca
Tue Nov 8 13:32:07 CST 2011

Στις Δευ 07 Νοε 2011, ο/η epidata-list at lists.umanitoba.ca έγραψε:
> Dear Theodore
> The encryption in EpiData is done using the DCPCrypt library from:
> http://www.cityinthesky.co.uk/opensource/dcpcrypt
> We have used version 1.x which has a differnt IV than most AES
> implementations. I'll get back to this below.
> In the header of the .rec file the password is stored between the "~KQ:"
> and ":KQ~" marks.
> This password is stored as base64 encoded string, encrypted using AES
> with a SHA1 of password. Cipher mode is CFB 8-bit blocks.
[snip, snip]
> I hope this helps.
> Kind regards,
> Torsten Bonde Christiansen.
> EpiData Association.

Thank you Torsten, this is helpful indeed. Nevertheless, I am still not 
getting the same output as EpiData (using the openSSL library). 
Thus I have two further questions:

(1) What is the keylength used in EpiData for AES? 128, 192 or 256-bit?
(2) SHA-1 has a length of 160-bit, different from the length of the key. What 
do you do with the extra (if 128-bit key) or missing (if 192- or 256-bit key) 
bits? Do you trim the key or pad it?

By the way, I guess you use a different (non-Pascal) library to implement 
encryption fields in the new EpiData manager. What would that be?

Theodore Lytras

"Beauty is transitory"
"Beauty survives"
        - Mr. Spock & Capt. Kirk, "That which survives", stardate unknown
by Theodore Lytras <thlytras at gmail.com>

More information about the EpiData-list mailing list