Fork me on GitHub


LiteDB uses salted AES (as defined by RFC 2898) as its encryption. This is implemented by the Rfc2898DeriveBytes class.

The Aes object used for cryptography is initialized with PaddingMode.None and CipherMode.ECB.

The password for an encrypted datafile is defined in the connection string (for more info, check Connection String). The password can only be changed or removed by rebuilding the datafile (for more info, check Rebuild Options in Pragmas).