> > On Nov 14, 2016, at 7:23 AM, Ulrich Telle wrote:
> > 
> > The RSA encryption offered by System.Data.SQLite should not be used,
> > if security is a concern for you. You should prefer an AES encryption 
> > scheme.
> 
> I’m surprised anything encrypts databases with RSA, as that algorithm
> is pretty unsuitable for file encryption.

Ouch ... sorry for not resolving the confusion ... I've been taken again by the 
*wrong* citation of RSA encryption.

In fact, System.Data.SQLite acquires an RSA provider, but doesn't use key 
exchange anywhere. Only the supported symmetric encryption algorithm is used. 
And that algorithm is *RC4*.

> It’s an asymmetric (public-key) cipher: you encrypt data with an RSA
> public key, which can then only be decrypted by the owner of the
> matching private key. (This is used by email encryption, for example.)
> Or you can sign data with the private key so that it can be verified
> by anyone who has the public key. Neither of these modes is useful for
> securing a file that you are going to use yourself. Moreover, RSA is
> extremely slow.

True. However, RC4 is fast, but also weak and should therefore be avoided.

> File encryption uses a symmetric-key cipher, of which AES is the most
> common up-to-date one. Both SQLite’s own encryption engine and the
> 3rd party SQLCipher use AES.

The wxSQLite3 encryption extension also uses AES, either AES-128 or AES-256.

Regards,

Ulrich
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Reply via email to