SQLCipher 4.0.0 Release

2018-11-30 07:00:00 -0500

We are incredibly excited to announce the much anticipated release of SQLCipher 4. This is a major update that includes new features, improvements, and fixes. Here are some of the most important highlights:

PBKDF2-HMAC-SHA512 is the new KDF algorithm
HMAC-SHA512 is now used for per-page HMACs
The default database page size has been increased to 4096 bytes
KDF iteration count has been increased to 256,000
Improved memory sanitization features
Significant performance improvements for common use cases on platforms including iOS, Android, and Windows
New baseline on upstream 3.25.2 enabling many new SQLite features
Completely revamped client API support for .NET based platforms including sqlite-net, Entity Framework, and Microsoft ADO.NET

The full list of changes in the release can be found below. Note that changes indicated by a * are high impact and will impact compatibility with prior version of SQLCipher!

SQLCipher Core

Default page size for databases increased to 4096 bytes (up from 1024) *
Default PBKDF2 iterations increased to 256,000 (up from 64,000) *
Default KDF algorithm is now PBKDF2-HMAC-SHA512 (from PBKDF2-HMAC-SHA1) *
Default HMAC algorithm is now HMAC-SHA512 (from HMAC-SHA1) *
PRAGMA cipher is now disabled and no longer supported (after multi-year deprecation) *
PRAGMA rekey_cipher is now disabled and no longer supported *
PRAGMA rekey_kdf_iter is now disabled and no longer supported *
By default all memory allocated internally by SQLite before the memory is wiped before it is freed
PRAGMA cipher_memory_security: allows full memory wiping to be disabled for performance when the feature is not required
PRAGMA cipher_kdf_algorithm, cipher_default_kdf_algorithm to control KDF algorithm selection between PBKDF2-HMAC-SHA1, PBKDF2-HMAC-SHA256 and PBKDF2-HMAC-SHA512
PRAGMA cipher_hmac_algorithm, cipher_default_hmac_algorithm to control HMAC algorithm selection between HMAC-SHA1, HMAC-SHA256 and PBKDF2-HMAC-SHA512
Based on upstream SQLite 3.25.2
When compiled with readline support, PRAGMA key and rekey lines will no longer be saved to history
Adds second optional parameter to sqlcipher_export to specify source database to support bidirectional exports
Fixes compatibility with LibreSSL 2.7.0+
Fixes compatibility with OpenSSL 1.1.x
Simplified and improved performance for PRAGMA cipher_migrate when migrating older database versions
Refactoring of SQLCipher tests into separate files by test type
PRAGMA cipher_plaintext_header_size and cipher_default_plaintext_header_size: allocates a portion of the database header which will not be encrypted to allow identification as a SQLite database
PRAGMA cipher_salt: retrieve or set the salt value for the database
Adds Podspec for using tagged versions of SQLCipher
Define SQLCIPHER_PROFILE_USE_FOPEN for WinXP support
Improved error handling for cryptographic providers
Improved memory handling for PRAGMA commands that return values
Improved version reporting to assist with identification of distribution
Major rewrite and simplification of internal codec and pager extension
Fixes compilation with –disable-amalgamation
Removes sqlcipher.xcodeproj build support

SQLCipher for Android

Substantial improvements to cursor access performance due to new loading heuristics
Define custom cursor allocation sizes for paging query results, including initial, growth size, and maximum memory allocations
Option to disable loading heuristic via setFillWindowForwardOnly on SQLiteCursor instance
JNI CursorWindow caching of chunk pointer offsets to minimize linked list traversal
Query total data size, and largest individual row in bytes based on provided query
WAL mode API to enable, disable, and check if enabled
Add API to get list of attached databases
Add API to perform integrity check of the database
Add API to enable, or disable foreign key constraints
Improvements to begin transactions to allow for immediate and exclusive modes
SQLiteOpenHelper supports onConfigure and onDowngrade callbacks
SQLiteOpenHelper exposes the database name, and current WAL mode
Improve exceptions thrown within JNI layer
SQLCipher for Android target SDK set to 26
Add support for AboutLibraries

SQLCipher for iOS

To allow the use of WAL mode databases in shared containers use PRAGMA cipher_plaintext_header_size and cipher_default_plaintext_header_size to allocate a portion of the database header which will not be encrypted to allow identification as a SQLite database.
Major (2x or more) performance improvements with hardware acceleration on 4K page size databases
Removes support for sqlcipher.xcodeproj integration method for Community Edition*

SQLCipher for .NET, Xamarin, and Windows

Client APIs now support a new sqlite-net compatible package based on the official praeclarum/sqlite-net library (was previously based on SQLite.Net-PCL) *
Adds support for Microsoft Entity Framework via Microsoft.EntityFrameworkCore.Sqlite.Core 2.x
Adds support for Microsoft’s ADO.NET implementation via Microsoft.Data.Sqlite.Core 2.x
Substantial performance enhancements for Windows UAP and Runtime packages (up to 50%+ improvement under certain tests)
Updates to all cryptographic support libraries including OpenSSL 1.1.1, OpenSSL 1.0.2p, OpenSSL FIPS 2.0.16, and LibTomCrypt 1.18.2
Windows Phone is no longer supported due to the product end of life

Note: .NET, Windows and Xamarin packages are available exclusively via Commercial Edition packages and under the SQLCipher Enterprise Program.

Compatibility

Many of these changes provide a much higher level of security than previous versions of SQLCipher. However, the new page size of 4096, 256,000 KDF iterations, use of PBKDF2-HMAC-SHA512 and HMAC-SHA512 all modify important database settings. Thus, SQLCipher 4 will not open older databases by default. As always, we have updated our migration feature to streamline the upgrade process. To enable backwards-compatibility, it is possible to adjust settings at runtime or migrate older databases:

To migrate and upgrade an existing database in place (preserving data and schema), use the new default settings, use PRAGMA cipher_migrate.
To open an older database used pragmas to adjust settings back to their previous values. For example, to open a SQLCipher 3 database using SQLCipher 4, you could use the following statements after opening and keying the database: PRAGMA cipher_page_size = 1024; PRAGMA kdf_iter = 64000; PRAGMA cipher_hmac_algorithm = HMAC_SHA1; PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
To attach and export data to a new database, use the sqlcipher_export() convenience function. This would let you control migration using very specific or custom settings.

Availability

Commercial Edition - On-demand access to new releases of SQLCipher Commercial Edition are available to licensees with an active CipherCare subscriber subscription, along with private, prioritized support directly from Zetetic. CipherCare subscribers will receive a separate email notification regarding the update and can contact us to request the latest SQLCipher distribution and applicable software license codes.

SQLCipher Enterprise Program - Enterprise Program Subscription customers will receive a separate email notification about the release, and the latest SQLCipher packages and license codes will be provided directly via your organization’s private online software delivery share.

Community Edition - SQLCipher 4.0.0 in source format is directly available on GitHub. The Community Edition of SQLCipher for Android is available via AAR packaging. The Community Edition of SQLCipher for iOS can be compiled from source or using CocoaPods.

Additional Details

Over the coming weeks we will be posting more detailed blog posts that elaborate on specific features and improvements that have been made with the latest SQLCipher release.