Database encryption
I have a desktop application that needs to read data from a database installed on a client machine.
This data in the database must be encrypted to deny access to the client and protect the data.
I need to know which database to use that can support encryption because the amount of data in some tables will be very huge, I also need efficiency.
I've read about this on the website and maybe SQL Server Compact Edition would be a good choice.
Can anyone help me with this point?
thanks
SQL Server 2008 includes a feature called transparent data encryption that can do what you want. I don't know if the Compact Edition contains this feature. A little keyword search should get you started. I generally don't recommend using SQL Server, but in this case I am not aware of any similar functionality from other DB vendors (but they must exist ...).
However, what are you hoping to get by encrypting your data? If it is completely client side, then the client will have a key to decrypt the data. In the best case scenario, you make a small obstacle for people to get the contents of your database. It will not be protected by any meaningful definition.
a source to share
You cannot prevent a specific attacker from gaining access to the decryption key and accessing the database. This is an effective copy protection scheme and they are all broken.
Update. The question says: "This data in the database must be encrypted to deny access to the client and to protect the data." If the client has access to any application that can access the database, it has access to the key used by the application and can bypass the application to access the database directly.
If the inevitable logic has no appeal, consider anecdotal evidence of failed copy protection schemes trying to protect music, games, and other digital assets.
a source to share
SQLite has an Encryption Extension (SEE) that allows an application to read and write encrypted database files: http://www.hwaci.com/sw/sqlite/see.html
This DB can be suitable for a desktop application and is widely used. For example, I believe FireFox is using it internally.
a source to share
SQL Server CE does not support encryption at all. You can at best encrypt the database file with host encryption tools. File-level encryption does not work for databases, as to read page X in a file, all pages 1 ... X-1 must be decrypted to get the encryption key in the correct state (reach the correct CBC block state). BitLocker, on the other hand, works great as it can decrypt / encrypt the pages in the file individually. But BitLocker is a partition level, not a file level. These general considerations apply to any non-product-specific entire database file encryption plan (SQL CE, SQL Express, MySQL, Access, whatever).
SQL Server has database level encryption. The easiest to use is TDE, Transparent Data Encryption , but it requires the Enterprise Edition. Another option is to use cryptographic functions and manage the encryption itself . Hardly easy to use, but available in the free Express version.
a source to share
Would I Recommend SQLCipher ? It is a free, open source implementation of SQLite that supports transparent page-level encryption. It is similar to SEE, it is under active development and has experimental support for a number of different ciphers as it uses OpenSSL for some implementation. Full disclosure: I'm one of the developers! We have a tutorial on how to use it in iPhone apps to give you a basic understanding of how it works, and there is a stream of comments that expands on some related topics. Obviously using it in Visual Studio will be slightly different from Xcode, but you should be able to hook up the link and get it in Windows environment.
a source to share