I would have thought that modifying details in the database would just
corrupt it?
Not necessarily. Encryption doesn't necessarily provide integrity.
It's a common misconception that encryption provides integrity because
"modifying a ciphertext would just corrupt the plaintext" -- but that
conception is not accurate, as is explained in modern crypto textbooks.
A message authentication code (MAC) computed across the database would
ensure that changes are detected, but if there is no MAC and the
database is merely encrypted, it might be possible to cause mischief
by modifying the database.
.
Re: encrypted filesystems ... |> Encryption is for keeping data secret.... The original descryption was a network security configuration being tampered ... layer or the block device layer to ensure data integrity,... (comp.os.linux.development.system)
Re: Best definition of cryptography ... > We all know that cryptography is much more than that. ...Integrity in it's essence has nothing to do with encryption... You can also use a MAC to build an encryption scheme,... (sci.crypt)
Re: [Patch 3/7] integrity: EVM as an integrity service provider ...integrity provider is designed to complement mandatory access control ... against on-line attacks, but do not protect against off-line attacks ... against attacks which find weaknesses in the kernel or the LSM module ... most encryption is slower than hmac, ... (Linux-Kernel)
New Encryption Mode ... An E-mail I received has inspired me to review one of the encryption... The second counter values get encrypted by a block cipher,... in what I think is a careful way, I achieve integrity awareness.... those pretty weak integrity checks, ... (sci.crypt)
Re: File Encryption ...Daniel Weber wrote: ... >>The key should be used to derive two keys, an encryption key and a MAC... >>check the integrity of the file and the key. ... (sci.crypt)
