Storing encrypted files inside the database

Question

Storing encrypted files inside the database

I use PyCrypto to store some files in a SQLITE database.

I use 4 fields:
file name, file
length (in bytes) the
SHA512 hash of the file is an
encrypted file (with AES, and then from base64 to ASCII).

I need all the fields to display some information about the file without decrypting it.

Question: Is it safe to store such data?
For example, the first characters of a ZIP file or executable file are always the same, and if you already know the hash and file length ... is it possible to decrypt the file, perhaps partially?

If it is not protected, how can I store some file information in order to index files without decrypting them? (information like length, hash, name, tags, etc.)

(I use python, but you can give examples in any language)

+3

python security database encryption

Cristi constantin May 07, '11 at 7:56

source share

4 answers

, AES, , ( ), . SHA512 - , , .

, . , "" , . , , , .

+3

Eli Bendersky 07 '11 8:10

"oah AES-256, , ". , , , , , .

. CWE-310. . , .

: .

+1

rook 07 '11 19:56

, , .

, , . , , , .

0

MarkR 09 '11 6:31

Demento · Accepted Answer · 2011-05-07T09:58:50+0000

To avoid the problems of the first few bytes being the same, you should use AES in Block Cipher mode with a random IV. This ensures that even if the first block (the length depends on the size of the key) of two encrypted files is exactly the same, the encryption text will be different.

If you do this, I see no problem with your approach.

Storing encrypted files inside the database

More articles: