On Sun, 2011-02-20 at 09:35 +0000, Philip Graham Willoughby wrote: > On 20 Feb 2011, at 09:10, Robert Hairgrove wrote: > > > I am not starting from scratch doing my own encryption; there are enough > > open source libraries publicly available which are good enough for my > > purposes. > > And all of them offer approximately no security if you use them incorrectly.
Thanks, I realize this. Another question: There are certain parts of an SQLite database or page header (the first 100 bytes, for example) which have known values. I think it is perhaps even dangerous to encrypt this data, at least with the same method used for the rest of the file. If I used the same algorithm and key, etc. to encrypt the header data as the rest of the file, it might be trivial to decrypt it, knowing the published file format (which is explained in great detail on the SQLite website). SEE encrypts the entire file, according to the information on the website. But I'm sure they must have taken this into consideration when they designed their library... So if I leave the headers unencrypted, am I disclosing anything I should be (somehow) hiding? Bob _______________________________________________ sqlite-users mailing list [email protected] http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
