-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security Concerns when encrypting the database with password #581
Comments
Completely agree with this. I also noticed that there is a critical bug in that an SHA1 hash of the database password is stored in the database header page. Any file with the same password will have the same password hash. A malicious user could generate hashes for common passwords and simply compare them with the hash stored in the header page which is computationally easy. |
Hi @ronnieoverby and @elyoh, LiteDB implement a simple encription feature (and now reading this I can see how simple is it). This must be reviewed. This encryption is on my list be complete re-write, but first I will need undersant better all encryption process. I only knows basics about encryption. There is any reference where I can study more about this? |
The book I referenced is a good start. The theme of the book is "you aren't a cryptography expert, so just do what the experts tell you and nothing else". That should be your mantra. It's mine. There's a section in the book that's all about symmetric encryption and common mistakes. Here are the common mistakes that he lists:
Addressing each of these issues would be a good start. Also, read that book. It's $19. |
Has this been fixed? We are considering using LiteDB for our software. Password encryption is of great importance to us. Please advise. |
@mbdavid |
Hi! With the objective of organizing our issues, we are closing old unsolved issues. Please check the latest version of LiteDB and open a new issue if your problem/question/suggestion still applies. Thanks! |
I have a few concerns. For LiteDB's encryption feature to be taken seriously, these should be addressed:
Rfc2898DeriveBytes
with defaults.Rfc2898DeriveBytes
. It's default iteration count is too low and it is hard coded to use SHA1. Use a better implementation.http://securitydriven.net/inferno/ is a wonderful library that leverages existing crypto api's in a way that makes it much harder to screw up.
The author also has a companion book that I would recommend to anyone. The library is MIT licensed, professionally audited and highly regarded.
One issue is that it hasn't been ported to target .NET standard yet, but they are talking about it in their issues (it's the only open issue).
Anyway, those are my thoughts.
The text was updated successfully, but these errors were encountered: