[Ssc-dev] Fwd: Re: Moving Funf to SQLCipher

Nathan of Guardian nathan at guardianproject.info
Thu Apr 26 14:47:46 EDT 2012 

-------- Original Message --------
Subject: 	Re: Moving Funf to SQLCipher
Date: 	Thu, 26 Apr 2012 11:43:26 -0700 (PDT)
From: 	Nathan of Guardian <nathan at guardianproject.info>
Reply-To: 	funf-developer at googlegroups.com
To: 	funf-developer at googlegroups.com





On Thursday, April 26, 2012 2:00:40 PM UTC-4, Nadav Aharony wrote:

    We actually really like SQLCypher and considered doing this about a
    year ago, but at least at the time SQLCypher was encrypting the
    entire database every time, and not doing per-field encryption (and
    field names) - so we could not efficiently use it with the amount of
    read/writes that we did. I haven't checked the updates recently -
    Does it support this type of functionality? (if so that's really
    great, if not - consider it a feature request :).

 
It doesn't technically encrypt the database every time. It is actually a
bit more efficient than that.  I am curious if you had the chance to do
performance tests, or the performance issue was based on intuition?

SQLCipher is implemented in native C as are the encryption libraries
(OpenSSL essentially), with a JNI wrapper, so the performance is quite
good. If you look at this post from our partner at Zetetic, there was
only a 3% performance issue with a 15,000 record insert that used a
transaction: http://sqlcipher.net/blog/2011/5/7/sqlcipher-performance-and-sqlcipherspeed.html

 

    Funf does encrypt the full databases when we are done writing to one
    with a user specified key, but that's mostly for when we back them
    up on the phone or transport them to the back-end. SQLCypher could
    be very useful for apps that actually use this data while its on the
    phone so we'd would love to be able to add it as a type of
    local storage maybe (and if it had the per-field capabilities it
    might be able to be the default mode of storage).


SQLCipher shines when you are talking about data interchange, as it is
already a great cross platform library. If you can use a Dropbox style
"binary diff" algorithm for remote syncing, then that can be made quite
efficient as well.

Finally, we just like to encourage developers who need security and
encryption, but aren't necessarily 100% focused on that, to use reusable
core libraries by security focused projects as much as possible.
SQLCipher has been around for 5 years all in all, and the Android
version has been well vetted at this point. 

We just want FUNF to be able to focus on being more FUNF-y.

Best,
 Nathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/ssc-dev/attachments/20120426/94a28124/attachment.htm>

More information about the Ssc-dev mailing list