> > On Nov 14, 2016, at 7:23 AM, Ulrich Telle wrote: > > > > The RSA encryption offered by System.Data.SQLite should not be used, > > if security is a concern for you. You should prefer an AES encryption > > scheme. > > I’m surprised anything encrypts databases with RSA, as that algorithm > is pretty unsuitable for file encryption.
Ouch ... sorry for not resolving the confusion ... I've been taken again by the *wrong* citation of RSA encryption. In fact, System.Data.SQLite acquires an RSA provider, but doesn't use key exchange anywhere. Only the supported symmetric encryption algorithm is used. And that algorithm is *RC4*. > It’s an asymmetric (public-key) cipher: you encrypt data with an RSA > public key, which can then only be decrypted by the owner of the > matching private key. (This is used by email encryption, for example.) > Or you can sign data with the private key so that it can be verified > by anyone who has the public key. Neither of these modes is useful for > securing a file that you are going to use yourself. Moreover, RSA is > extremely slow. True. However, RC4 is fast, but also weak and should therefore be avoided. > File encryption uses a symmetric-key cipher, of which AES is the most > common up-to-date one. Both SQLite’s own encryption engine and the > 3rd party SQLCipher use AES. The wxSQLite3 encryption extension also uses AES, either AES-128 or AES-256. Regards, Ulrich _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users