On Tue, Feb 22, 2011 at 7:07 PM, Philip Graham Willoughby < phil.willoug...@strawberrycat.com> wrote:
> On 22 Feb 2011, at 15:41, Max Vlasov wrote: > > The obvious solution is public-key cryptography. The question is about > > different ways how it could be implemented with sqlite. The requirement > for > > this system is that it should operate in two modes: > > - insert-only when no reading operation is used. This mode uses public > key > > to store the data > > - full-mode when the private key is supplied and any operation is > possible. > > It might work, but it wouldn't be quick. Public-key cryptography is very > slow. There are benchmarks on this page ( > http://www.cryptopp.com/benchmarks.html) but most of what you need to know > is in the choice of scale: AES and other shared key systems are in > cycles-per-byte and RSA/friends are in megacycles-per-operation. > > Who are you trying to hide the data from? If it's someone with access to > the account running the program on the machine on which it's running they > could fairly easily trap the appropriate entry point in the SQLite code > using the platforms debugging facilities and log all the data you're trying > to write before it's written. > Phil, as an example, it might be a software that tracks user activity on the machine, which process was activated, how much time, which caption was active and later some software can calculate some statistics based on this. Users of such software at least would be willing to hide this big base that contain all their recent activity from occasional observer of thief . To implement this with general encryption means that he or she would enter the key when the program starts (=when the OS starts). It may be tedious. Public key cryptography would help to keep the user from entering the password every time while also keeping the data safe from decrypting. Another example is a note-taking program that doesn't require to enter the password if you just want to write something and not read. It's like general rsa but you're writing a message not to someone, but to "secret yourself" :) I suppose users would wonder why such feature is useful in the first place. A couple of cases: - You're getting used to getting something written fast (save time usually spend on entering the password). - You're partly safe from internal and external unsafe environment (someone stays behind you or your program is executed on another computer where a keylogging program can be active). There might be other cases... Max _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
