encryptionKeyLength=length attribute

The encryptionKeyLength=length attribute specifies the number of bits in the encryption key to be generated when a database is encrypted with the bootPassword=key attribute.

See bootPassword=key attribute for details.

The default encryption key length is 128.

You need to specify encryptionKeyLength=length only if all of the following circumstances apply:
  • You are specifying a non-default encryption algorithm (the default is DES).
  • The encryption algorithm you are specifying allows for more than one key length.
  • You want to use a non-default key length.

For information about data encryption, see "Configuring database encryption" in the Derby Security Guide.

Combining with other attributes

The encryptionKeyLength=length attribute can be combined with either the bootPassword=key attribute or the encryptionKey=key attribute (although it is redundant if you use encryptionKey=key).

The encryptionKeyLength=length attribute may also be combined with the encryptionProvider=providerName and/or encryptionAlgorithm=algorithm attributes.

If you use encryptionKeyLength=length with encryptionKey=key, the key you specify must have the length you specify.


-- create a new, encrypted database
-- configure an existing unencrypted database for encryption
Note: If the specified algorithm does not support the specified encryption key length, Derby returns an exception.