I've just checked in support for local database encryption. It will appear in a future release of Couchbase Lite, for all supported platforms, but right now it's on a branch and for iOS/Mac-only. (And, of course, experimental.)
As I've said before, this isn't for everyone. In general, the default filesystem encryption on iOS is good enough. But some apps have to guarantee full security even if the user hasn't set a passphrase, and are willing to put up with the annoyance of prompting the user for a passcode on every launch. (Also, this would be useful on Mac OS, since it would protect the database against even other apps on the computer. In this environment it's safe to store the key in the Keychain.) Features: Uses AES-256 encryption algorithm. (No one says "military-grade" anymore, but this is basically the go-to algorithm for highly secure but fast encryption. It's approved <http://crypto.stackexchange.com/a/2253/16754> by the US Government for Top-Secret data, and used by Apple for iOS file encryption and Mac FileVault.) Protects the entire database file (using SQLCipher <http://sqlcipher.net/>, a widely used fork of SQLite), and attachments. Should be only a few percent slower than normal. You can provide the key as either a passphrase, or a raw 256-bit AES key. I've written a wiki page <https://github.com/couchbase/couchbase-lite-ios/wiki/Database-Encryption> that explains how to build and use it. You absolutely should not put this into a shipping app yet, but we'd greatly appreciate it if people tried it out and reported any issues. —Jens -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/97EBB624-48AF-433D-9B05-41052328CE31%40couchbase.com. For more options, visit https://groups.google.com/d/optout.
