Please enter search query.
Search <product_name> all support & community content...
Article: 100050486
Last Published: 2025-07-08
Ratings: 1 0
Product(s): Data Insight
Problem
Security team requires an understanding of the cryptographic algorithms and keys that are used by Data Insight
Solution
Data Insight uses both RSA and AES algorithms in different areas of the product
RSA
- Used for node to node communications
- Browser communications
- Key is generated using keytool utility provided by JRE at installation
- Stored in keystore files (commd.keystore & webserver.keystore)
- Default life span = 10 years
- Keys are fully customizable for webserver.keystore (browser communications) - users can generate their own certificates and have them signed by a CA
- Key for commd.keystore (node to node communications) is not customizable at this time
- Key length = 2048
AES
- Used to encrypt passwords of Saved Credentials used by Data Insight
- Key is generated using KeyGenerator.generateKey() API provided by javax.crypto package at installation
- Generated key is obfuscated via Salt which resides in the code
- Obfuscated key is stored in the Config.DB as hex encoded text
- No expiration
- Key is not customizable at this time
- Key length = 128
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.