In 2026 and beyond, data theft will remain an ongoing and widespread threat. In fact, data theft is now the second most common consequence of cyberattacks. Software providers must significantly step up their game when it comes to securing the data associated with it. SOLIDWORKS PDM is the foundation for customer data collection in manufacturing, and SOLIDWORKS recognizes security as the utmost priority. SOLIDWORKS has met the challenge by upgrading and adding two new security features for PDM: AES-256 encryption and Kerberos authentication.
Demystifying two technologies
AES-256 Encryption
What is AES encryption? Let’s start by answering what encryption in general is. Encryption (a.k.a. encoding) is rooted in advanced mathematical technology known as cryptography. It is a mathematical process that takes plain text or human-readable data and jumbles it all up, so it is unrecognizable (ciphertext). The transformation process uses algorithms that require things known as keys (public and/or private). Think of keys as a series of meaningless numbers and characters. The string of characters is injected into one side of a mathematical equation, and the output is either scrambled (encrypted/encoded) or readable (decrypted/decoded) data.
History
Encryption is believed to have originated in ancient Egypt around 4000 years ago. The proof is shown on a guy’s tomb by the name of Khnumhotep II. Archeologists believe the technique was used to hide the meaning of religious texts as part of a ritual. Around 1500 BCE in ancient Mesopotamia, encryption was found used for secrecy in commercial applications for the first time.
Over thousands of years, encryption has evolved. The first forms of encoding used a rudimentary practice of symbol replacement, whereby characters were replaced by other characters. The old way to decode was with a key, which was basically a written mapping of character series to single characters. Simply compare the sequence of characters to the mapping and replace the associated characters with the single character. This practice was commonly used for military purposes.
Fast forward thousands of years, and mathematicians developed algorithms using algebraic geometry (ellipses) and number theory. In 1985, a couple of guys named Neal Koblitz and Victor Miller suggested using computations that are basically grounded on the principles of the elliptic curve discrete logarithm problem (ECDLP). ECDLP uses extremely difficult math equations to solve for encoding purposes.
Back to AES Encryption
Advanced Encryption Standard (AES) encryption uses a symmetric block cipher algorithm based on one named Rijndael. The U.S. government now uses this cipher algorithm widely for protecting very sensitive data. In 2001, the National Institute of Standards and Technology (NIST) replaced the much older Data Encryption Standard (DES) with AES.
A symmetric block cipher uses a single shared private key (a.k.a. secret key). In other words, both the sender and the recipient must own that private key for decoding or encoding, and it must be protected. A “block cipher” means that the cipher breaks the data down into fixed chunks (blocks) and encodes/decodes using mixing, permutation, and substitution mathematical methods. The standard block sizes include 128-bit (16 bytes), 192-bit, and 256-bit. Due to the very fast growth in hardware technology, several research projects and academic papers have been written to propose 512-bit block sequence. No worries because a 256-bit key size is considered highly secure against brute force attacks using current technology.
Kerberos Authentication
We are not done talking about symmetric-key cryptography because Kerberos uses this technology. Kerberos authentication is a network-level authentication protocol developed by MIT in the late 80’s. It uses a ticketing paradigm. Each ticket is encrypted using a shared private key called a session key. The ticket itself represents the user/service in the authentication process. The ticket does have a time-to-live (TTL) for the authentication to occur. TTL helps prevent what is known as replay attacks, whereby the attacker steals and reuses the authentication data.
Architecture
Kerberos requires two security elements: a symmetric key and a key distribution center (KDC). The KDC is broken down into three separate components.
- Ticket-granting server (TGS) – Delivers the service tickets (ST) based on a valid Ticket Granting Ticket (TGT)
- Kerberos database – Stores the password information.
- Authentication Server (AS) – Verifies the user’s credentials in the database and sends a TGT to TGS.
Where do the security enhancements apply?
As of 2026, the SOLIDWORKS PDM software now uses the AES-256 to secure the data in transit between the client and the archive server. Prior to 2026, the data was secured using AES-128. Hence this is a significant upgrade and should be highly considered when deciding to upgrade.
Is there data encryption between the SQL Server and the archive server? Unfortunately, this data is not encrypted by default. The customer must manually configure SQL Server to use SSL/TLS encryption for network connections. Please refer to this link for additional details: https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-sql-server-encryption?view=sql-server-ver17.
SOLIDWORKS PDM now natively supports Kerberos, NTLM, and NTLMv2. Not only do you gain more secure logins, but having support for Kerberos now enables the use of Single Sign-On (SSO) technology. In addition, companies hosting mixed environments using both Linux and Microsoft products will benefit greatly.
Closing thoughts
Security is and should be a strong concern for everyone connected to the Internet these days. This is even more worrying with the continued maturity and global use of artificial intelligence (AI) for malicious purposes. Thankfully, SOLIDWORKS is keeping your data more secure in PDM using Kerberos technology and stronger encryption algorithms such as AES-256. If security is an important concern and you are considering upgrading SOLIDWORKS PDM, then one should swiftly consider going to 2026 release.
Please contact us if you want to learn more about upgrading SOLIDWORKS PDM or other SOLIDWORKS products. In addition, CADimensions has decades of experience doing consulting services and offer many including upgrading software. To explore the many other CADimensions services our talented consultants provide, please click on the following link: https://www.cadimensions.com/services/consulting/.
Need Backup On Your Next Project?
Start working with a CADimensions consultant today.
