Subject Re: [Firebird-Architect] Re: database encryption
Author Geoff Worboys
Dimitry Sibiryakov wrote:
> In this topic we seemed to agree that [...]

<cynic mode>
Something agreed? Nah. I'm sure you're mistaken, there's
not much chance of anything being agreed.
</cynic mode>

> "good security" is impossible and some level of obscurity
> may be enough. In this case you can choose between, say,
> base64, uuencode, ROT or Caesar (if I remembered name for
> variable ROT right) algorithms.

There does seem to be some ... contention/uncertainty in the
discussion about exactly what level of security is being

On one hand we have a request for real/serious encryption and
wanting to include temporary files and disk cache etc,
but on the other the request is "not promising the world".

I think the reason for this is a distinct lack of understanding
in what is involved. It is possibly counter-intuitive to some
that you could use the current encrypt/decrypt interface to
apply AES encryption to a database - and yet have a result that
is little different in its security from a simple XOR with a
text password. One will cost you 30% overhead, the other I
guess a few %, and neither will offer any real security (but
both would stop local search engines finding plain text).

Geoff Worboys
Telesis Computing