System.Data.SQLite
View Ticket
Not logged in
Ticket UUID: 537b718e1b4e231b8ba68c1a5ad1a85a738c991b
Title: Use of RC4 for database encryption
Status: Deferred Type: Feature_Request
Severity: Important Priority: Medium
Subsystem: Legacy_CryptoAPI Resolution: Rejected
Last Modified: 2016-02-15 20:09:33
Version Found In: 1.0.98.0
User Comments:
anonymous added on 2015-09-09 16:06:31:
When using Password=password to encrypt a database, the encryption algorithm is RC4 (crypt.c line 249):

CryptDeriveKey(g_hProvider, CALG_RC4, hHash, 0, &hKey);

Is there some reason this couldn't be updated to be a stronger algorithm such as AES265?  I've made code changes in my own build using CALG_AES_256 which works fine.

Understandably this would have to go in as another option to allow existing databases encrypted with RC4 to be opened, but it would make a valuable addition.

anonymous added on 2016-02-15 10:11:56:
I have submitted a patch to drh@sqlite.org which addresses this issue by providing additional encryption algorithms but also maintaining compatibility to the RC4 encryption a little more than a week ago and am now awaiting some feedback.