Examples of encryption for database access

Mark Wieder ahsoftware at sonic.net
Tue Jun 26 17:37:05 EDT 2018


On 06/25/2018 08:57 PM, Brian Milby via use-livecode wrote:
> One thing this misses is that the IV is not another private key/password. It should be random/different for every use of the key.

True, but for the purpose of Bill's demo it works fine. For that matter, 
a 16-bit iv won't get you very far either. I'd be inclined to generate a 
large random iv and post it to the server with the encrypted data. But 
I'd also worry about putting a database out in the open like this 
without good security constraints. Of course, I have no idea what Bill 
has in mind here, so ymmv.

-- 
  Mark Wieder
  ahsoftware at gmail.com




More information about the Use-livecode mailing list