Simon Slavin <slav...@bigfraud.org> writes: > On 31 Jul 2010, at 6:12pm, Nikolaus Rath wrote: > >> When tracing down bugs in an application that uses SQLite, I have >> repeatedly faced the problem that I wanted to send (or get) a copy of >> the sqlite database without disclosing potentially sensitive contents. > > You might like to know that the writers of SQLite maintain a non-free > encryption version of SQLite: > [...] > Any decent programmer with experience of encryption systems would be > able to crack such encryption in an hour or so. [...] > However, a function like the one you propose would be useful against > the zero-effort attempts -- casual theft by someone who has the > opportunity to access your hard disk for a few minutes.
You missed my point. Let me try again. This not about encrypting data, it's about scrambling data. I want to apply a one-way hash function to one or more columns of table. Possible use case: I want to send someone an SQLite database with my data, so that he can debug an application that's using the database (since it's having problems with the particular set of data that I'm using it with). However, I don't want him to be able to actually read the data. Please don't suggest other ways of achieving this. There are plenty and I am able to use them. My question is about the pros and cons of adding a one-way hash function to SQLite (maybe calling it crypt() was misleading for some). Also, I would appreciate if you would not start a discussion about the possibility of collisions or the fact that same strings in different tables or columns would map to the same hash and thus weaken the scrambling (in case you are tempted to). Everyone who uses a hash function can be expected to take those things into account (that's why my example contained different salt strings for different columns). Best, -Nikolaus -- »Time flies like an arrow, fruit flies like a Banana.« PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
