Data encryption in web application - padding method?

Hello,
please, does somebody know which method camunda uses in case of data encryption?
ISO-Padding, CMS-Padding, ESP-Padding or Ciphertext stealing?

  • ISO-Padding [ISO/IEC 7816-4]
  • CMS-Padding [IETF-RFC 5652]
  • ISO-Padding [IETF-RFC 4303]
  • CBC-CS1, CBC-CS2, CBC-CS3 Ciphertext stealing [NIST-SP 800-38 A - Addendum]

Thank you in advance!
Evelyn

Hi Evelyn,

Could you clarify a little, by encryption do you mean encryption of process variables? If thats the case there is no built in encryption that I am aware of. I have implemented my own encryption in the past…

regards

Rob

Hi Rob,

it’s more about whether the data which can be entered/uploaded
through the Camunda GUI are stored encrypted on a hard disk (or whatever).
If so, is there a standard encryption method and a padding procedure
(see in my first question) which is provided by Camunda?

Thank you in advance!
Evelyn

Hi Evelyn,

Camunda does not write directly to the filesystem but uses a relational database for persistence. You should check the documentation of the database you use for an answer to your question.

Cheers,
Thorben