Show HN: Roast my SQLite encryption at-rest

SQLite encryption at-rest is a hotly requested feature of both the “default” CGo driver [1] and the transpiled alternative driver [2]. So, this is a feature I wanted to bring to my own Wasm-based Go driver/bindings [3].

Open-source SQLite encryption extensions have had a troubled last few years. For whatever reason, in 2020 the (undocumented) feature that made it easy to offer page-level encryption was removed [4]. Some solutions are stuck with SQLite 3.31.1, but Ulrich Telle stepped up with a VFS approach [5].

Still, their solution seemed harder than something I'd want to maintain, as it requires understanding the structure of what's being written to disk at the VFS layer. So, I looked at full disk encryption for something with less of an impedance mismatch.

Specifically, I'm using the Adiantum tweakable and length-preserving encryption (with 4K blocks, matching the default SQLite page size), and encrypting whole files (rather than page content).

I'm not a cryptographer, so I'd really appreciate some roasting before release.

There is nothing very Go specific about this (apart from the implementation) so if there are no obvious flaws, it may make sense to port it to C/Rust/etc and make it a loadable extension.

[1] https://github.com/mattn/go-sqlite3/pull/1109

[2] https://gitlab.com/cznic/sqlite/-/issues/105

[3] https://github.com/ncruces/go-sqlite3/issues/55

[4] https://github.com/sqlite/sqlite/commit/b48c0d59

[5] https://github.com/utelle/SQLite3MultipleCiphers


Comments URL: https://news.ycombinator.com/item?id=40208800

Points: 30

Comments: 7

https://github.com/ncruces/go-sqlite3/tree/main/vfs/adiantum
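To make the design in the post concrete for reviewers, here is an added example (not code from the post or from the go-sqlite3 repository) of what a length-preserving, tweakable cipher applied to whole 4 KiB file blocks looks like at the VFS layer. Adiantum is not in Go's standard library, so the block uses AES-XTS as a stand-in: like Adiantum it is tweakable and length-preserving and takes the block index as the tweak, but it is a narrow-block mode (16-byte AES units) rather than a wide-block one. All names (`xtsCipher`, `readAt`, `demo`), the key derivation and the page contents are constructed for the example; a real VFS would derive keys with a proper KDF and would also have to handle partial writes by read-modify-write, which this demo simply does not accept.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

const blockSize = 4096 // encryption unit; SQLite's default page size

// xtsCipher is AES-XTS (IEEE P1619): tweakable and length-preserving, so a 4 KiB
// block encrypts to 4 KiB. It stands in for Adiantum, which is not in Go's stdlib.
type xtsCipher struct{ k1, k2 cipher.Block }

func newXTS(key [64]byte) *xtsCipher {
	k1, _ := aes.NewCipher(key[:32]) // 32-byte keys cannot fail
	k2, _ := aes.NewCipher(key[32:])
	return &xtsCipher{k1, k2}
}

// gfDouble multiplies the tweak by x in GF(2^128), little-endian as in P1619.
func gfDouble(t *[16]byte) {
	lo, hi := binary.LittleEndian.Uint64(t[:8]), binary.LittleEndian.Uint64(t[8:])
	carry := hi >> 63
	hi, lo = hi<<1|lo>>63, lo<<1
	lo ^= 0x87 * carry // reduce the bit shifted out of x^127 by x^128 = x^7+x^2+x+1
	binary.LittleEndian.PutUint64(t[:8], lo)
	binary.LittleEndian.PutUint64(t[8:], hi)
}

// process encrypts (decrypt=false) or decrypts one block; dst and src must be blockSize
// bytes. The block index (offset / blockSize) is the tweak, so equal pages differ on disk.
func (x *xtsCipher) process(dst, src []byte, blockIndex uint64, decrypt bool) {
	var tw, tmp [16]byte
	binary.LittleEndian.PutUint64(tw[:8], blockIndex)
	x.k2.Encrypt(tw[:], tw[:]) // tweak = AES_k2(block index)
	for i := 0; i < blockSize; i += 16 {
		subtle.XORBytes(tmp[:], src[i:i+16], tw[:])
		if decrypt {
			x.k1.Decrypt(tmp[:], tmp[:])
		} else {
			x.k1.Encrypt(tmp[:], tmp[:])
		}
		subtle.XORBytes(dst[i:i+16], tmp[:], tw[:])
		gfDouble(&tw)
	}
}

// readAt is the VFS-side read: decrypt every block overlapping [off, off+len(p))
// and copy out only the requested bytes, so a short read (SQLite reads the
// 100-byte file header by itself) works without exposing ciphertext.
func readAt(c *xtsCipher, disk, p []byte, off int64) error {
	if off < 0 || off+int64(len(p)) > int64(len(disk)) {
		return fmt.Errorf("read [%d,+%d) outside %d-byte file", off, len(p), len(disk))
	}
	var plain [blockSize]byte
	for n := 0; n < len(p); {
		pos := off + int64(n)
		start := pos - pos%blockSize
		c.process(plain[:], disk[start:start+blockSize], uint64(start/blockSize), true)
		n += copy(p[n:], plain[pos-start:])
	}
	return nil
}

// demo encrypts the same constructed page into blocks 0 and 1, then checks a
// 100-byte header read, that the tweak makes the two ciphertext blocks differ,
// and how many plaintext bytes one flipped ciphertext byte corrupts.
func demo() (headerOK, tweakOK bool, damaged int, err error) {
	c := newXTS(sha512.Sum512([]byte("constructed demo key; use a real KDF")))
	page := bytes.Repeat([]byte("SQLite format 3\x00"), blockSize/16) // constructed page
	disk := make([]byte, 2*blockSize)                                   // ciphertext "file"
	c.process(disk[:blockSize], page, 0, false)
	c.process(disk[blockSize:], page, 1, false)
	hdr := make([]byte, 100)
	if err = readAt(c, disk, hdr, 0); err != nil {
		return
	}
	headerOK = bytes.Equal(hdr, page[:100])
	tweakOK = !bytes.Equal(disk[:blockSize], disk[blockSize:])
	disk[blockSize+100] ^= 0x01 // narrow-block caveat: flip one ciphertext byte in block 1
	back := make([]byte, blockSize)
	if err = readAt(c, disk, back, blockSize); err != nil {
		return
	}
	for i := range page {
		if back[i] != page[i] {
			damaged++ // XTS: at most 16 (one AES unit); Adiantum would scramble all 4096
		}
	}
	return
}

func main() { fmt.Println(demo()) }
```

Two points worth checking in any review of this design. First, the `damaged` count is where wide-block and narrow-block modes differ: with XTS a single modified ciphertext byte corrupts only one 16-byte unit of the page, whereas a wide-block cipher such as Adiantum turns the same modification into a fully scrambled 4 KiB page, which is much easier for the database to notice. Second, no length-preserving scheme can carry an authentication tag, so neither mode detects tampering cryptographically; the file size must also stay a whole number of blocks, and every file the pager writes (not only the main database) needs the same treatment.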

Created 21d | 30 Apr 2024, 19:20:21

