LWL wrote: > I am by no means an expert cryptographer (in fact, I am just learning > cryptography) so there may be security flaws in the design of the > encryption layer. Please help me learn by giving me constructive > criticism and suggestions to improve the code. >
A quick glance suggests that there are indeed vulnerabilities, that an attacker can easily recover plaintext from the database without having to know the decryption key. I'll look into this more carefully after Christmas.
-- D. Richard Hipp -- [EMAIL PROTECTED] -- 704.948.4565
