Programming

21522 readers

505 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 2 years ago

MODERATORS

[email protected]

SQLite alternative with encryption (lemmy.ml)

submitted 1 day ago by [email protected] to c/[email protected]

15 comments fedilink hide all child comments

I am searching for an SQL lite alternative that implements encryption more or less or of the box and has rust bindings. Do you know of any database systems that fulfill that requirement?

top 15 comments

sorted by: hot top controversial new old

[–] [email protected] 2 points 13 hours ago

Firebird: 13.8. Database Encryption https://www.firebirdsql.org/file/documentation/chunk/en/refdocs/fblangref30/fblangref30-security-dbcrypt.html

[–] [email protected] 22 points 1 day ago (1 children)

The application encrypts the data, you save in the database the data encrypted. When you retrieve the info, the app decrypt it.

[–] [email protected] 9 points 22 hours ago (1 children)

This makes it impossible to support any analytical SQL queries against the DB. Look into how to enable encryption at rest on whichever DB you choose.

[–] [email protected] 9 points 22 hours ago

So put an SQLite database on a Luks-encrypted partition or a Luks-encrypted filesystem in a file.

[–] [email protected] 5 points 19 hours ago

Turso: https://docs.turso.tech/libsql#encryption-at-rest

Also, DuckDB devs said it was planned: https://github.com/duckdb/duckdb/discussions/4512

[–] [email protected] 5 points 19 hours ago* (last edited 19 hours ago)

SQLCipher fits that bill. I had some issues with language integration but depending on what you're using it might work for you.

[–] [email protected] 9 points 1 day ago (1 children)

Well, sqlite

[–] [email protected] 4 points 1 day ago

For the low low price of $2000

[–] [email protected] 6 points 1 day ago

Use an encryption library to decrypt the database in memory and encrypt it prior to writing it to disk. Assuming that you are not afraid of data loss due to power loss; that would be the most secure option and it works with the standard SQLite library

Or if you need more fault tolerance. The SQLite Encryption Extension (SEE) will read and write database files encrypted using 128-bit or 256-bit AES.

[–] [email protected] 6 points 1 day ago (1 children)

Encryption is usually implemented in the server or client code. Why do you want the database to handle encryption?

[–] [email protected] 2 points 16 hours ago (1 children)

It is for as desktop app that stores data on a user drive.

[–] [email protected] 2 points 14 hours ago (1 children)

Then the application should encrypt the data saved to the db.

I can't think of any scenario where it would make sense for the db to handle encryption.

[–] [email protected] 3 points 10 hours ago

Encryping by the application would kill the use of a lot of sql features such as SUM.

[–] [email protected] 6 points 1 day ago

Depending on the application could you just mount a filesystem that supports encryption? Even if it’s just mounting a .tar file.

[–] [email protected] 2 points 23 hours ago

https://github.com/utelle/SQLite3MultipleCiphers/