[Botan-devel] SQLite3 encryption codec with Botan

Mr Diggilin mr.diggilin at gmail.com
Fri Apr 10 22:14:48 EDT 2009


Hi,
I'm considering implementing the encryption hooks in SQLite3 using
Botan. So far everything seems workable, except for one problem -- key
salting.

SQLite gives the passphrase for encryption, which I intend to use with a
PBKDF to create the key. The only problem then, is that I need a salt. I
cannot generate a salt randomly because there's no place to store (and
from thence restore) it.
It seems like my only option is to hard-code the salt in the code, but
I'm not sure exactly what the security implications are when doing so.

Questions:
Is hard-coding the salt a bad idea?
Are there other options I'm not thinking of?

Thanks for any assistance.

-Oli D.

PS. Jack, would you be interested in hosting an SQlite3 encryption codec
implemented using Botan? If I do go this route I'd be happy to provide
what I come up with.




More information about the botan-devel mailing list