What Cryptographic Algorithms & Keys are Used by Data Insight

Article ID: 100050486

Resolution

Data Insight uses both RSA and AES algorithms in different areas of the product.

RSA

  • Used for node-to-node communications
  • Used for browser communications
  • Key is generated using the keytool utility provided by the JRE at installation
  • Stored in keystore files (commd.keystore & webserver.keystore)
  • Default life span = 10 years
  • Keys are fully customizable for webserver.keystore (browser communications) - users can generate their own certificates and have them signed by a CA
  • Key for commd.keystore (node-to-node communications) is not customizable at this time
  • Key length = 2048
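
A check a security team could run against the keystores listed above, as an added example that is not Data Insight's own code: it parses the text printed by `keytool -list -v -keystore <file>` and flags entries that are not RSA keys of at least the 2048 length stated here, or that are near or past expiry. The output layout (as printed by a recent JDK's keytool; older JREs may omit the key-size line), the constructed sample listing and the `audit` function name are assumptions.

```python
import re
from datetime import datetime

# Constructed sample shaped like `keytool -list -v` output from a recent JDK;
# aliases, owners and dates are invented for illustration.
SAMPLE = """\
Alias name: example-alias
Owner: CN=di-node.example.test
Valid from: Tue Jan 02 10:00:00 UTC 2018 until: Fri Dec 31 10:00:00 UTC 2027
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key

Alias name: weak-alias
Owner: CN=old.example.test
Valid from: Mon Mar 01 00:00:00 UTC 2010 until: Sun Mar 01 00:00:00 UTC 2015
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
"""

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
DATE = r"\w{3} (\w{3}) +(\d{1,2}) [\d:]{8} \S+ (\d{4})"

def audit(listing, now, min_bits=2048, warn_days=90):
    """Return {alias: [findings]} for each entry in a keytool -list -v listing."""
    report = {}
    for block in re.split(r"(?m)^(?=Alias name: )", listing):
        alias = re.search(r"^Alias name: (.+)$", block, re.M)
        if not alias:
            continue  # text before the first entry
        findings = []
        key = re.search(r"Subject Public Key Algorithm: (\d+)-bit (\w+) key", block)
        if not key:
            findings.append("public key size not reported")
        elif key.group(2) != "RSA" or int(key.group(1)) < min_bits:
            findings.append(f"key is {key.group(1)}-bit {key.group(2)}")
        valid = re.search(f"Valid from: {DATE} until: {DATE}", block)
        if valid:
            mon, day, year = valid.group(4, 5, 6)  # the "until" date
            left = (datetime(int(year), MONTHS.index(mon) + 1, int(day)) - now).days
            if left < 0:
                findings.append(f"expired {-left} days ago")
            elif left < warn_days:
                findings.append(f"expires in {left} days")
        report[alias.group(1).strip()] = findings
    return report
```

Because the default life span is 10 years, running such a check on a schedule catches an approaching expiry that would otherwise be easy to forget.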

AES

  • Used to encrypt passwords of Saved Credentials used by Data Insight
  • Key is generated using the KeyGenerator.generateKey() API provided by the javax.crypto package at installation
  • Generated key is obfuscated with a salt that resides in the code
  • Obfuscated key is stored in the Config.DB as hex encoded text
  • No expiration
  • Key is not customizable at this time
  • Key length = 128

Issue/Introduction

The security team requires an understanding of the cryptographic algorithms and keys that are used by Data Insight.