| Ticket Hash: | 537b718e1b4e231b8ba68c1a5ad1a85a738c991b | ||
| Title: | Use of RC4 for database encryption | ||
| Status: | Deferred | Type: | Feature_Request |
| Severity: | Important | Priority: | Medium |
| Subsystem: | Legacy_CryptoAPI | Resolution: | Rejected |
| Last Modified: |
2016-02-15 20:09:33 9.40 years ago |
Created: |
2015-09-09 16:06:31 9.84 years ago |
| Version Found In: | 1.0.98.0 | ||
| User Comments: | ||||
anonymous added on 2015-09-09 16:06:31:
When using Password=password to encrypt a database, the encryption algorithm is RC4 (crypt.c line 249): CryptDeriveKey(g_hProvider, CALG_RC4, hHash, 0, &hKey); Is there some reason this couldn't be updated to be a stronger algorithm such as AES265? I've made code changes in my own build using CALG_AES_256 which works fine. Understandably this would have to go in as another option to allow existing databases encrypted with RC4 to be opened, but it would make a valuable addition. anonymous added on 2016-02-15 10:11:56: I have submitted a patch to drh@sqlite.org which addresses this issue by providing additional encryption algorithms but also maintaining compatibility to the RC4 encryption a little more than a week ago and am now awaiting some feedback. | ||||