|Subject||Re: [firebird-support] FB Embedded: Table Field encryption questions|
> My main concern yesterday was whether using XOR encryptionYes, this is true. As long as everyone understands that such
> could be used for incremental searches, which my program
> uses a lot. I would like to let anyone interested know that
> it does just fine. In other words, XOR encrypts the first
> two letters of a partial word the same as it would the first
> two characters of the full word. This will make searching
> possible on the main descriptors of the treeview possible.
a scheme is only obsuring the text - it is not very secure.
To quote my copy of "Applied Cryptography" by Bruce Schneier:
"It's an embarrassment to put this algorithm in a book" :-)
> Other encryption schemes seem to add characters to the stringWhat you will find is that strong encryption first performs
> being encrypted such that merely two characters would be
> different from the first two characters of the full word.
> (Maybe I'm wrong on this? but I seemed to have seen this with
> BlowFish as an example.)
compression. Depending on the schemes used etc this will often
result in growth rather than compression when used on very
small inputs. When you add the sophistication of strong
encryption your output will (hopefully) be quite unpredictable.
> I appreciate that this topic is somewhat off topic, but IGiven the number of questions relating to security lately
> know I'm not the only one whose had such concerns with a
> desktop system with a distributed DB and using FB embedded.
> Thanks to the monitors for allowing this discussion.
I dont think this was too far off-topic for this group.