Data Protection Advisor: Information About Security Encryption, Algorithms, and Strength
Summary: This article describes the encryption mechanisms, algorithms, and encryption strength that Data Protection Advisor (DPA) uses.
Symptoms
The DPA documentation does not provide details about the security or encryption of DPA data, such as passwords. Common questions on this topic include:
- What is the mechanism and the algorithm used?
- What is the encryption type and strength?
- Are all passwords encrypted?
- How does DPA use the lockbox with the DPA Application and Datastore servers?
Cause
The product is functioning as designed.
Resolution
DPA uses the following encryption mechanisms and algorithms:
AES-256 Encryption:
Algorithm: DPA uses AES-256 (Advanced Encryption Standard with a 256-bit key) for encrypting sensitive data. AES-256 is a symmetric encryption algorithm known for its strength and efficiency.
Usage: This encryption method is applied to protect passwords, keys, and other sensitive information stored within the DPA application and datastore servers.
SHA-256 Hashing:
Algorithm: SHA-256 (Secure Hash Algorithm 256-bit) is used for hashing purposes, ensuring data integrity and security.
Usage: It is commonly used for hashing passwords before encryption, adding an extra layer of security.
Lockbox usage in DPA:
A lockbox is a secure storage mechanism where encryption keys and other sensitive data are stored. It ensures that sensitive information is protected with strong encryption.
Files: In DPA, the lockbox consists of several files that include the encryption key file and configuration files. These files are secured with a password and are encrypted to prevent unauthorized access.
The DPA Application and Datastore lockbox files use the AES-256 algorithm for encryption.
Contact Dell Technical Support for further details or information.