This section describes the database encryption utility developed to ensure that Payment Card Industry Data Security Standard (PCI) compliance requirements regarding the safeguarding of personal customer information are met. KEYINDEX.EXE is the command line utility developed to handle both single and multiple encryption key PCI modules. KEYINDEX.EXE can be run multiple times in order to re-encrypt data using different keys.

KEYINDEX.EXE accepts the following parameters:

The purpose of this utility is to re-encrypt data in the database. KEYINDEX.EXE uses the supplied ‘From’ key index value to decrypt data as it is retrieved from the database, and the supplied ‘To’ key index value to encrypt data as it is updated back to the database. The range of acceptable index values are (-1) for un-encrypted data, (0) for key index 1, and up to (255) for key index 254. You should note that there is a restriction in place which does not allow the utility to decrypt data that has already been encrypted by the utility.

Once the encryption process is successfully completed, there is no further need to run the database encryption utility again. Any data added to the database after the PCI compliancy module is activated will be encrypted by default.

Because KEYINDEX.EXE is designed to be executed in the most efficient manner possible, it does not have a GUI. Since the encryption process is extremely CPU intensive, it can be a burden on your system to process additional applications while the encryption utility is running. Ideally, this utility should be run while no other applications are being used. For example it might ideally be launched as part of a nightly batch process after the store is closed and the employees have gone home.

Status files

KEYINDEX.EXE creates output ASCII text files which capture the status of the current encryption process as well as any processing errors. The output files are created in the directory where the encryption utility is located. They are defined as follows:

KEYINDEX.OUT: Status file which provides the current progress of the re-encrypt process. This file contains a header line which shows the start and end time stamps, database, and key index (from/to). Each table processed in a session is represented in this file. Currently, for the BACKOFF.DB database there are only two tables: PA_CUSTOMER and TXN_POS_TRANSACTIONS. For each table, the number of rows remaining to be re-encrypted, the number of rows encrypted, and the starting and ending times when the table was processed are shown. The end time can be either the time of shutdown or the time when all encrypted data in the table has been re-encrypted.

KEYINDEX.0: Successfully finished re-encrypting all data in the database.

KEYINDEX.1: Detected an error. Manual intervention is required.

KEYINDEX.2: Successfully re-encrypting data, table data remains to be encrypted.

KEYINDEX.ERR: Error file used to capture error messages for the purpose of diagnosing any potential problems that may have occurred while the key index utility was running. For example, when an invalid command line parameter was provided.

The database encryption utilities retrieve, decrypt, encrypt and update data in blocks of approximately 100 rows at a time. When the data is updated back to the database, the newly encrypted data is automatically committed to the database. It is highly recommended that the database is backed up prior to executing the encryption utility. Although processing in small batches reduces the chances of losing a night’s worth of data re-encryption due to a power outage, it does not reduce the potential risk of database corruption which also renders database content unusable.