Subject Re: [Firebird-Architect] Re: database encryption
Author Alex Peshkoff
On 11/07/10 05:30, Jim Starkey wrote:
> This is absurd. Line and database file encryption is a perfectly
> reasonable request and well within the state of the art.

Moreover, they (especially line encryption) are in our roadmap for FB3.

> Throwing a
> bunch of bogus objections at it will not make it go away. Yes, on one
> hand, a provably secure solution assuming that DNS and the OS have been
> successfully hijacked is not feasible, but that isn't necessary.
>
> I suggest there are two basic requirements:
>
> 1. Defensible line security to the level of AES, including intelligent
> use of PKES for key exchange
> 2. File (page) level encryption to defeat inquiring eyes.

I suggest not going into the details of the crypt implementation here (what
algorithm, what library, etc.). Instead, the interfaces needed to support
line & file encryption should be defined.

> Perfect security is a myth, of course. But
> practical security that would take a realistic millennium to break is
> achievable with relatively little work.

Certainly.