On Sun, 2011-02-20 at 09:35 +0000, Philip Graham Willoughby wrote: > For this task I would use AES-256 in counter mode with an appropriate nonce > (the counter is trivially derived from the file offset of the block to be > read/written). The key should be derived from the user's password using > 10000-iteration PBKDF2 with the SHA-256 hash algorithm as the pluggable hash > function and a suitably long salt. > > If you are only doing sequential block writes you can use CBC mode rather > than counter mode - either can be used for random reads.
Thanks, Phil. This is very helpful to me. AES-256 is an accepted standard, and AFAICT offers the best openly available encryption today. Bob _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users