Re: [sqlite] Data encryption
hi everybody, the magic spell worked, but onky for me, not for my server: at the moment i have problems with my (free) dyndns account. my server (a little nslu2 in my living room) was online for some hours yesterday but disappeared again this morning ... until i solved my problem here are the temporary download links: http://www.greschenz.de/sqlite_crypt.zip http://www.greschenz.de/sqlite_compress.zip please inform me if its working or not. cu, gg To me it was a wonderful source of information and ideas, but this morning the URL was unable. May be if you recite certain magic spell, Günter can appear again... Cheers A.J.Millan - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] Data encryption
sorry, i have been on a business trip until this weekend (i have been some months in korea...), and my server (at home) was turned off by my wife :-) i will reenable it this evening... here is the source again (attached to this mail) cu, gg A.J.Millan wrote: Andreas: Some time ago, in response to a similar question, Günter Greschenz sent to this forum a email: hi, i've written some sqlite-functions to crypt (blowfish) or compress (bzip) data in sqlite: e.g. insert into blubs values (crypt('data','pwd')) or select from xyz where decompress(data) = 'blablabla' or select from xyz where data = compress('blablabla') but you have to wait until next weekend, because i'v traveling for my company at the moment and >return on friday (i hope :-) Some day later: after a long time being on a business trip, i finally came home and have now the chance to upload >the sources to my webserver: http://greschenz.dyndns.org/sqlite.html these sources have never been in a productive system, i just implemented it for fun... what i want to say: i never tested it really good ! To me it was a wonderful source of information and ideas, but this morning the URL was unable. May be if you recite certain magic spell, Günter can appear again... Cheers A.J.Millan - To unsubscribe, send email to [EMAIL PROTECTED] - - To unsubscribe, send email to [EMAIL PROTECTED] -
RE: [sqlite] Data encryption
After some googling, Gunter has this domain: http://greschenz.de but it merely redirects to the dyndns url. It was active as late as 10/13/07 though. Maybe he shuts down his server at night? Ron Wilson, Senior Engineer, MPR Associates, 518.831.7546 -Original Message- From: A.J.Millan [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 13, 2007 2:58 AM To: sqlite-users@sqlite.org Subject: RE: [sqlite] Data encryption Andreas: Some time ago, in response to a similar question, Günter Greschenz sent to this forum a email: >hi, >i've written some sqlite-functions to crypt (blowfish) or compress (bzip) >data in sqlite: >e.g. > insert into blubs values (crypt('data','pwd')) >or > select from xyz where decompress(data) = 'blablabla' >or > select from xyz where data = compress('blablabla') >but you have to wait until next weekend, because i'v traveling for my >company at the moment and >return on friday (i hope :-) Some day later: >after a long time being on a business trip, i finally came home and have >now the chance to upload >the sources to my webserver: >http://greschenz.dyndns.org/sqlite.html >these sources have never been in a productive system, i just implemented >it for fun... >what i want to say: i never tested it really good ! To me it was a wonderful source of information and ideas, but this morning the URL was unable. May be if you recite certain magic spell, Günter can appear again... Cheers A.J.Millan - To unsubscribe, send email to [EMAIL PROTECTED] - - To unsubscribe, send email to [EMAIL PROTECTED] -
RE: [sqlite] Data encryption
Andreas: Some time ago, in response to a similar question, Günter Greschenz sent to this forum a email: hi, i've written some sqlite-functions to crypt (blowfish) or compress (bzip) data in sqlite: e.g. insert into blubs values (crypt('data','pwd')) or select from xyz where decompress(data) = 'blablabla' or select from xyz where data = compress('blablabla') but you have to wait until next weekend, because i'v traveling for my company at the moment and >return on friday (i hope :-) Some day later: after a long time being on a business trip, i finally came home and have now the chance to upload >the sources to my webserver: http://greschenz.dyndns.org/sqlite.html these sources have never been in a productive system, i just implemented it for fun... what i want to say: i never tested it really good ! To me it was a wonderful source of information and ideas, but this morning the URL was unable. May be if you recite certain magic spell, Günter can appear again... Cheers A.J.Millan - To unsubscribe, send email to [EMAIL PROTECTED] -
Re: [sqlite] Data encryption
On 11/12/07, Andreas Volz <[EMAIL PROTECTED]> wrote: > I think about to encrypt the data in my DB. Does sqlite offer a data > encryption on a lower level? Or should I encrypt my data before putting > it into the table on a higher level in my application without involving > sqlite? Dr. Hipp sells encryption support for sqlite: http://www.hwaci.com/sw/sqlite/prosupport.html Several others also maintain their own versions of sqlite with encryption support; I believe the .NET wrapper from phxsoftware uses the Windows crypto libraries, for example. The goal of all of them is to encrypt the entire database file, except for a small part of the beginning of the file that contains physical layout info. Encrypting specific data in your application may still be useful in some circumstances. When sqlite is encrypting the entire database, that means any application that uses the database needs to use the specific version of the sqlite library with the encryption support. If you have a situation where it's ok if other applications access most of the data, that's probably a bad thing, since you only need specific parts protected. The same holds true for pretty much any scenario where changing the sqlite library is inconvenient. - To unsubscribe, send email to [EMAIL PROTECTED] -
[sqlite] Data encryption
Hello, I think about to encrypt the data in my DB. Does sqlite offer a data encryption on a lower level? Or should I encrypt my data before putting it into the table on a higher level in my application without involving sqlite? regards Andreas - To unsubscribe, send email to [EMAIL PROTECTED] -
[sqlite] Re: [inbox] Re: [sqlite] Data encryption
At 11:36 AM 1/31/2004 -0600, Kurt Welgehausen wrote: You'll have to encrypt each column independently. If you use the same key and initialization vector, you should be able to search, but of course, only for exact matches. Also, the size of each field will probably grow to the next multiple of your cipher's block size, so you'll need to pad the data before you encrypt; and you'll have to remove nulls from the encrypted data. I think the sequence would have to be If you use an encryption method that makes this true, it is less secure. Random salt is generally required to maintain security, but it is the usual risk versus ease of use balance. the other response, using a SHA (or similar) hash for the search index and a secure encryption scheme on the actual data, is much better and works well in practice. That still restricts you to exact match (no using "LIKE" and similar). HTH. michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [sqlite] Data encryption
You'll have to encrypt each column independently. If you use the same key and initialization vector, you should be able to search, but of course, only for exact matches. Also, the size of each field will probably grow to the next multiple of your cipher's block size, so you'll need to pad the data before you encrypt; and you'll have to remove nulls from the encrypted data. I think the sequence would have to be Pad each field Encrypt each field Encode the nulls in each field Store the record -- Fetch the record Restore the nulls in each field Decrypt each field Remove the padding from each field Regards - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [sqlite] Data encryption
> Has anyone ever needed to encrypt sqlite data on a record by record > basis? I'm a little stumped about this issue mainly because any search > using a reasonably securely encrypted record (such as with AES) would be > futile because it's encrypted differently even with the same passwords > being used. You could maintain the data twice. One column encrypted, one column hashed (md5, sha etc). If you need the data, use the encrypted column, if you need to search, use the hashed column. -- Richard Heyes http://www.v-webmail.co.uk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[sqlite] Data encryption
Hi all, Has anyone ever needed to encrypt sqlite data on a record by record basis? I'm a little stumped about this issue mainly because any search using a reasonably securely encrypted record (such as with AES) would be futile because it's encrypted differently even with the same passwords being used. Ideas anyone? Cheers - Balthasar Indermuehle All science is either physics or stamp collecting. Ernest Rutherford - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]