SQLite Encryption

I'm going to write my own encryption, but I want to discuss some internal features. It should be used on several mobile platforms - iOS, Android, WP7 with a desktop more or less working as a test platform.

First, let's start with a brief description of the existing solutions:

  • SQLite's standard (commercial) SEE extension - I have no idea how it works internally and how it interacts with the mentioned mobile platforms.

  • System.data.sqlite (Windows only): uses RC4 for the full DB, ECB mode. They also encrypt the DB header, which sometimes (probability 0.01%) leads to database corruption. *) An added benefit: they use the SQLite amalgamation distribution.

  • SqlCipher (openssl, i.e. multiple platforms): selectable encryption scheme. They encrypt the entire database. CBC mode (I think), random IV. Because of this, they must change the page settings (size + reserved space for IV storage). They understood the problems associated with unencrypted reading of the database header and tried to introduce workarounds, but the solution was unsatisfactory. Additional downside: they use the original SQLite3 tree. (On the other hand, it includes additional functions, that is, fine tuning of encryption parameters using special pragmas.)

Based on my own analysis, I think the following may be a good solution that would not suffer from the above problems:

  • Encryption of the entire database, except for the database header.
  • ECB: , DB , .
  • AES128?
  • SQLite ( system.data.sqlite)

.

*) - SQLite DB . RC4 ( ) . AES , "" .


EDITED - VFS

, sqlite.org. 3 , :

void *(*xCodec)(void *iCtx, void *data, Pgno pgno, int mode)

SQLite / , / . . ( 512 By.)

- VFS. VFS - , OS-. , . XOpen/xSeek/xRead/xWrite/xClose. , ,

int (*xRead)(sqlite3_file*, void*, int iAmt, sqlite3_int64 iOfst);
int (*xWrite)(sqlite3_file*, const void*, int iAmt, sqlite3_int64 iOfst);

4 By ( ) DB. - ( ?), -. , , SQLite.

: VFS . Android/iOS/WP7/desktop , .. VFS .

: VFS . . , . , VFS .


EDITED - VFS

: DB "SQLite format 3", . (KPA).

VFS, , .

System.data.sqlite , (RC4) .

SqlCipher hdr , . , AES, KPA .

+5
2

db sqlite. SQLite API (vfs), ( vfs) , / " ". , , . , , , . 1024 . , , , SQLCipher.

"", :

  • , VFS . .
  • SQLite - VFS, VFS, , .
  • -. , , 4 , , . SQLite , ( Pager).
+4

, :

  • (AES128), CBC

  • ( , SqlCipher system.data.sqlite)

  • DB

  • IV

  • SQLite

AFAIK , SqlCipher system.data.sqlite.

+1
