Subject Re: [Firebird-Architect] Re: database encryption
Author Jim Starkey
On 11/7/2010 5:53 AM, Alex Peshkoff wrote:
> On 11/04/10 22:30, Jim Starkey wrote:
>> If anyone is interested in pursuing database and/or line encryption, a
>> very useful library is LibTomCrypt. While not actively supported, it's
>> been stable for about a decode, and has a very open style BSD license.
>> The library has just about everything you'd ever want, but I've been
>> content with SHA, AES, and RSA. The code is C, but the conversion to
>> C++ is trivial. Like most crypto libraries, you have to argue with it a
>> bit to subset, but unlike others, it's possible.
>> But a small warning is in order: Like virtually everything in the crypto
>> world, things are more complicated than need be.
> Jim, almost all words said here can be applied to openssl library too
> except may be one - openssl is actively supported. It's very interesting
> - what is that specific feature(s) of LibTomCrypt that makes you
> recommend it?

The license. OpenSSL has a requirement that any use be mentioned in
documentation and advertising which would apply to both Firebird and
Firebird users. Between this and GPL conflicts, many projects steer
clear of OpenSSL. I decided early in Netfrastructure that I didn't want
the grief. MySQL actually pays for another SSL implementation to avoid

My idea of open source is building software that other people can build
on. Putting nasty little restrictions here and there defeats this
purpose. I'm happy with general Apache, BSD, and Mozilla type
licenses. Many others leave me cold. The Vulcan code, for example, was
IDPL with a caveat that it couldn't be released under any other license
without the author's written permission.

If we're going to argue about crypto, we might as well argue about open
source license except for the fact that I think we're all on the same page.

Jim Starkey
Founder, NimbusDB, Inc.
978 526-1376