On 8/22/05, Dennis Jenkins <[EMAIL PROTECTED]> wrote: > I very much disagree. I want the entire file, header included, to be > encrypted. Sometimes you don't want anyone to know what the file type > is. Security through obscurity is not secure. However, you don't want > to give the bad guys a road map either...
Finding out that it's a sqlite file is not a hard problem for an attacker who has any interesting access to your machine, since your programs must find that file somehow. Once they find it, are you not concerned about lightening their cryptanalysis burden through known-plaintext attacks? Mike