On Thu, 25 Feb 2016 14:01:31 +0800
wrote:
> Hi,
>
> In my C++ program, I will invoke SQLite to execute SQL queries. But
> these queries are just stored as normal string constants in C++ so it
> is easy to be decoded via reverse engineering method. Does SQLite
> provide a good way to encrypt the
On 27 Feb 2016, at 3:20pm, Dave Baggett wrote:
> It would be interesting to contemplate running all of SQLite on an HSM, as
> this would allow you to perform database transactions while ensuring the
> database itself was kept hidden from the host computing device. I'm not aware
> of any gener
As others have pointed out, since SQLite must ultimately execute the query, it
has to be unencrypted in memory at some point. In general, there is no way to
protect data from prying eyes if that data must be used by a running program,
because a competent adversary can inspect the program as it's
Hello Admin,
I have all my important strings encrypted using AES. They get
decrypted at runtime. Well, they get decrypted at run time just when
used and then get over-written by other decrypted strings. It's a
circular queue of strings.
I just run a post process step on one of my
>
> queries are just stored as normal string constants in C++ so it is easy to
> be decoded via reverse engineering method.
Is the normal "reverse engineering method":
1. a hexdump of your executable?
2. debugging your executable?
A trivial cipher could be used to encode the strings prior to sto
> at some
> point the encrypted SQL wiill have to be decrypted before SQLite
> interprets it.
Perhaps we could achieve some level of obfuscation by "pre-preparing" at
compile time the set of all statements that the program uses, and storing the
SQLite prepared statement objects in the progra
ces at mailinglists.sqlite.org [mailto:sqlite-users-
> bounces at mailinglists.sqlite.org] On Behalf Of Simon Slavin
> Sent: Thursday, February 25, 2016 4:39 PM
> To: SQLite mailing list
> Subject: Re: [sqlite] Encrypt the SQL query
>
>
> On 25 Feb 2016, at 6:01am,
> wrote:
>
On Thu, 25 Feb 2016 14:01:31 +0800
wrote:
> Does SQLite provide a good way to encrypt the SQL query strings while
> does not affect the performance when executing the queries?
If you're worried about the user examining your program image
statically, you could encrypt your SQL by whatever means,
On Fri, 26 Feb 2016 14:39:50 +0800, wrote:
> To encrypt the SQLite database, I can only find the following extension:
>
> https://www.sqlite.org/see/doc/trunk/www/readme.wiki
>
> So I must recompile and enable the extension to encrypt
> the database, is that correct?
That's almost correct, you
Hi,
In my C++ program, I will invoke SQLite to execute SQL queries. But these
queries are just stored as normal string constants in C++ so it is easy to
be decoded via reverse engineering method. Does SQLite provide a good way to
encrypt the SQL query strings while does not affect the performance
admin at shuling.net wrote:
> In my C++ program, I will invoke SQLite to execute SQL queries. But these
> queries are just stored as normal string constants in C++ so it is easy to
> be decoded via reverse engineering method.
How could _any_ obfuscation not be decoded with reverse engineering?
R
On 25 Feb 2016, at 6:01am, wrote:
> Does SQLite provide a good way to
> encrypt the SQL query strings while does not affect the performance when
> executing the queries?
The source code for SQLite is available. There's no way to prevent a hacker
reverse-engineering whatever calls you make an
12 matches
Mail list logo
