objectbox-dart icon indicating copy to clipboard operation
objectbox-dart copied to clipboard

Published 20 hours ago verified publisher icon objectbox

Encryption

Open AdityaPawar27 opened this issue 3 years ago • 11 comments

I wanted to know whether the mdb file is password protected and encrypted by default? And if it is, what the encryption techniques used. Are they realible enough? As I am going to use it to tore really sensitive data

AdityaPawar27 avatar Apr 20 '21 05:04 AdityaPawar27

No, encryption by the database itself is currently not supported. There's an issue in objectbox-java also asking for this, feel free to pitch in: https://github.com/objectbox/objectbox-java/issues/8

For now, you can store encrypted data, but need to do the encryption yourself, before writing to database. This will, however, limit your options on how to run queries.

Also, what do you mean by the title "The Created mdb file while opening ask's for a password." - how are you trying to open the file that it asks for a password. There's certainly no such functionality implemented in objectbox-dart.

vaind avatar Apr 20 '21 07:04 vaind

Okay Got it! Actually Object Box's db file is stored in .mdb formot right? So I tried opening it and I can't open it. Can you tell me something about this please?

AdityaPawar27 avatar Apr 20 '21 09:04 AdityaPawar27

.mdb is just an extension used, it's not in any common format - you won't be able to open it (with any reasonable results) with anything but ObjectBox.

vaind avatar Apr 20 '21 09:04 vaind

Okay Got it! Thanks. Also 1 more thing, Do you plan to bring encryption in near future? If yes then whats the tentative time it's gonna take?

AdityaPawar27 avatar Apr 20 '21 11:04 AdityaPawar27

We don't have a date for this and probably this won't happen short term.

A :+1: reaction on the issue will help to track interest though... Thanks.

greenrobot avatar Apr 23 '21 13:04 greenrobot

Okay. Hope you do that soon as it's really important! Ya sure

AdityaPawar27 avatar Apr 23 '21 16:04 AdityaPawar27

any news on this?

alsoLut avatar May 18 '21 13:05 alsoLut

.mdb is just an extension used, it's not in any common format - you won't be able to open it (with any reasonable results) with anything but ObjectBox.

mdb extension have Microsoft Access databases, I spent over 10 hours trying to open this on linux. Why not use other letters, so as not to mislead people or write it in the documentation.

QiXi avatar Sep 26 '21 20:09 QiXi

In the meanwhile, you can check out SQLCipher and use greenDAO on top and combine the secure storage solution of your OS (e.g. keystore / keychain), to store a biometrically mapped key and a pin/passphrase, and use these to encrypt/decrypt your SQLCipher database.

Buggaboo avatar Jan 27 '22 16:01 Buggaboo

What is the status of this, as I'll need to store sensitive data in db? I wanted to encrypt .mdb file with AES256, but I couldn't find any reasonable solution.

Also I can read .mdb file in text editor (Mac), all data strings are clear readable. Meaning any rooted or uncommon android OS could gain access to data

ebelevics avatar May 11 '23 07:05 ebelevics

If there is an update, we will share it. See our last comment on possible workarounds.

If you are interested in this, please thumbs up the first post instead. This helps us track interest.

greenrobot-team avatar May 15 '23 10:05 greenrobot-team