07.06.2018 14:37, Hristo Stefanov wrote:
[*] Not always true currently. There is a DbCrypt plugin sanity routine that passes a 16 byte chunk to test encryption and decryption and a routine for calculating a digital signature which passes a multiple of 16 byte chunk that is way shorter than the minimum page size of 4096 bytes. Both of these routines can be detected from the length of the chunk to be encoded/decoded and a dummy page number can be used.
Don't forget about backup file encryption which is currently under development by Alex.
We are proposing that XTS mode of operation be officially supported as it provides better security than the currently implementable modes
AES is considered to be invulnerable to "known plain text" attacks and (because of well known DB page layer) even CBC has no advantages over ECB.
-- WBR, SD. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
