| Subject | Re: [Firebird-Architect] Re: database encryption |
|---|---|
| Author | Geoff Worboys |
| Post date | 2010-11-07T10:40:31Z |
Dimitry Sibiryakov wrote:
deterministic and so are all subject to known-plaintext attack,
but most of this sort of detail is in the implementation ... if
you know how to do it properly you can cover such issues.
Remember that the encryption algorithm is just one part of it,
the protocol (both line and in-code) plays a critical part in
making the algorithm secure. (This is the sort of stuff I was
talking about with block-cipher modes of operation, I imagine
the same sorts of techniques must apply to line encryption.)
This is why you can't just pickup an algorithm and use it, you
must understand how it should be used to ensure security.
At the moment much of this conversation is the blind leading
the blind. If anyone is going to take this project seriously
they need to look at some appropriately qualified references.
Something like the book I cited previously is likely to give
you better advice than anything you will get on this list.
Without real expertise on the project it may be relevant to
try and use libraries with good reputations or see if you can
find someone with the appropriate experience to help.
--
Geoff Worboys
Telesis Computing
> How strong is AES against known plaintext attack? ContentAs far as I know all symmetric encryption algorithms are
> of some network packets and database pages can be predicted
> with very high probability.
deterministic and so are all subject to known-plaintext attack,
but most of this sort of detail is in the implementation ... if
you know how to do it properly you can cover such issues.
Remember that the encryption algorithm is just one part of it,
the protocol (both line and in-code) plays a critical part in
making the algorithm secure. (This is the sort of stuff I was
talking about with block-cipher modes of operation, I imagine
the same sorts of techniques must apply to line encryption.)
This is why you can't just pickup an algorithm and use it, you
must understand how it should be used to ensure security.
At the moment much of this conversation is the blind leading
the blind. If anyone is going to take this project seriously
they need to look at some appropriately qualified references.
Something like the book I cited previously is likely to give
you better advice than anything you will get on this list.
Without real expertise on the project it may be relevant to
try and use libraries with good reputations or see if you can
find someone with the appropriate experience to help.
--
Geoff Worboys
Telesis Computing