ODBC Driver for SQLite

Database Encryption - ODBC Driver for SQLite

How SQLite Database Encryption Works

The SQLite database engine provides the ability to work with encrypted databases. The SQLite client library performs low-level encryption and decryption on the fly: database files are encrypted or decrypted during read/write operations. These operations are completely transparent to the applications accessing the database. However, the official SQLite client library doesn't support encrypting database files by default. Instead, you need to use a custom version of SQLite with encryption extensions.

Database Encryption with ODBC Driver for SQLite

Devart ODBC Driver for SQLite provides built-in encryption capabilities in the Direct mode, which allows you to:

Note: There're no standard requirements defined for implementing database encryption for SQLite. Thus, the implementation of database encryption in Devart ODBC Driver for SQLite is only compatible with other Devart products, such as LiteDAC and UniDAC. Devart ODBC Driver for SQLite can only work with databases that were encrypted by the driver itself, LiteDAC, or UniDAC.

Encrypting a Database

The PRAGMA ENCRYPTION statement specifies the encryption algorithm that will be used to encrypt an unencrypted database. It can't be used on a database encrypted with a different encryption algorithm. The statement can be run with one of the following values: TripleDES, Blowfish, AES128, AES192, AES256, Cast128, or RC4.

The PRAGMA REKEY statement is used to encrypt an unencrypted database, change the encryption key of an encrypted database, or decrypt a database.

The PRAGMA statements can be executed using any database tool with Devart ODBC Driver for SQLite after connecting to the database in the Direct mode. To enable this mode, select the corresponding checkbox in the DSN settings, or set the Direct parameter to True in the connection string:

DRIVER=Devart ODBC Driver for SQLite;Direct=True;Database=D:\DeptEmp.db3

Execute the statements to encrypt the database, for example:

PRAGMA ENCRYPTION=TripleDES;
PRAGMA REKEY='mynewkey';

Connecting to an Encrypted Database

To connect to an encrypted database, enable the Direct mode and specify the Encryption Algorithm and Encryption Key in the DSN settings or in the connection string, for example:

DRIVER=Devart ODBC Driver for SQLite;Direct=True;Database=D:\DeptEmp.db3;EncryptionAlgorithm=TripleDES;EncryptionKey=mykey

Changing the Encryption Key of a Database

To change the encryption key of a database, connect to the database and execute the PRAGMA REKEY statement with a new encryption key:

PRAGMA REKEY='mynewkey';

Decrypting a Database

To decrypt a database, connect to the database and execute the PRAGMA REKEY statement with an empty value:

PRAGMA REKEY='';
© 2015-2022 Devart. All Rights Reserved. Request Support ODBC Forum Provide Feedback