On 20 Feb 2011, at 10:32, Robert Hairgrove wrote: > On Sun, 2011-02-20 at 09:35 +0000, Philip Graham Willoughby wrote: >> On 20 Feb 2011, at 09:10, Robert Hairgrove wrote: >> >>> I am not starting from scratch doing my own encryption; there are enough >>> open source libraries publicly available which are good enough for my >>> purposes. >> >> And all of them offer approximately no security if you use them incorrectly. > > Thanks, I realize this. > > Another question: > There are certain parts of an SQLite database or page header (the first > 100 bytes, for example) which have known values. I think it is perhaps > even dangerous to encrypt this data, at least with the same method used > for the rest of the file. If I used the same algorithm and key, etc. to > encrypt the header data as the rest of the file, it might be trivial to > decrypt it, knowing the published file format (which is explained in > great detail on the SQLite website). > > SEE encrypts the entire file, according to the information on the > website. But I'm sure they must have taken this into consideration when > they designed their library... > > So if I leave the headers unencrypted, am I disclosing anything I should > be (somehow) hiding?
Any encryption algorithm which is vulnerable to a known plaintext attack is considered insecure. Therefore any algorithm which is considered secure does not have the problem which you are worrying about. Best Regards, Phil Willoughby -- Managing Director, StrawberryCat Limited StrawberryCat Limited is registered in England and Wales with Company No. 7234809. The registered office address of StrawberryCat Limited is: 107 Morgan Le Fay Drive Eastleigh SO53 4JH _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
