Hello All. I'm just looking for a little clarification, or perhaps ratification is a better word.
I'm writing a line-of-business app for a small business segment, and I need to be able to provide on-disk encrypted database files. The encryption doesn't need to be a brick wall, just a hurdle will do. As this app is targeted for Windows desktops, if the hacker has access to the database file, then he has access to the machine, so a sufficiently determined attack will succeed. The primary expected threat vectors facing the encryption will be overly-inquisitive and opportunistic users. So, now that you have the background, my intention is to utilize the RC4 encryption implementation provided in the public domain by Robert Simpson, the author of System.Data.SQLite.dll, and to include that code in my own compilation of the source amalgamation of SQLite.dll, version 3.6.23 . I haven't tried it yet, but I don't really forsee any insurmountable technical problems with this approach. While I understand that the code bases for both libraries are open-source, I just want to make sure that I'm not stepping on anyone's toes with this approach, as I greatly appreciate the work of both parties. And, while I am positive that the proprietary SQLite Encryption Extension would produce a much more hardened target, it's hard to justify the investment since I don't need that level of encryption strength, and given the fact that the app will not have broad appeal outside of its business segment -- which means that development costs have to be justified with the final product price point in mind. I'm sorry if it seems like I'm being too much the bean-counter instead of the coder, but, you know, the beans pay the bills, and I kinda like having electricity. :) At any rate, if I'm on the verge of a major faux-pas, someone please let me know, and suggest possible alternatives. Thanks, Mark Benningfield _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
