appologies, "master database" should read "MASTER TABLE" This is where the index is stored I assume?
You suggested that each record would NOT be decrypted for a SELECT because the INDEX would handle that work. Since the INDEX is proabably not a MAC hash of the SS# then it would be accessible from the MASTER TABLE yes? If that is the case then clearly an Index is not a viable solution and each page will have to be decrypted to perform and equlity/range search. That doesn't sound like it will be fast... >Unlike the situation here, you can't encrypt individual columns I have several ASm implementations of AES and secure HASH Algos that are very very fast. I can apply these to individual columns for each row. I suspect that, as has been pointed out, the disk access would be more time consuming than the encryption. I would then do a MAC index in a secondary column. Before I implement this, I wanted to make sure I understand the implementation at the page level. Obviously a single Row can take up more than one page, but I am still not clear if a single page can ever contain more than one Row? Igor Tandetnik <[EMAIL PROTECTED]> wrote: Derek Developer wrote: > So if the data is indexed prior to the encryption step, does SQLite > manage that index internally as a Btree that s stored somewhere? Is > it part of the MASTER database? I'm not sure what you mean by "MASTER database" (as opposed to which other database?) SQLite stores everything in a single file - data, indexes and all. > Obviously there would be a security issue if the index is accessible > as per this: > http://blogs.msdn.com/lcris/archive/2005/12/22/506931.aspx Unlike the situation here, you can't encrypt individual columns or tables with SQLite (at least not using any products I'm familiar with). You encrypt the whole file. > If I am storing CC# or SS#, the index would contain them yes? Well, if you created an index on those columns, then of course the index would contain values from them. -- With best wishes, Igor Tandetnik With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. -- RFC 1925 _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
