Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Bruce Momjian <bruce@momjian.us>
From: Bruce Momjian <bruce@momjian.us>
To: Nico Williams <nico@cryptonector.com>
Cc: Joe Conway <mail@joeconway.com>, Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, Masahiko Sawada <sawada.mshk@gmail.com>, "Moon, Insung" <Moon_Insung_i3@lab.ntt.co.jp>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2018-06-21T15:56:39Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Revamp the WAL record format.
- 2c03216d8311 9.5.0 cited
On Wed, Jun 20, 2018 at 05:28:43PM -0500, Nico Williams wrote: > On Wed, Jun 20, 2018 at 06:19:40PM -0400, Joe Conway wrote: > > On 06/20/2018 05:12 PM, Bruce Momjian wrote: > > > On Mon, Jun 18, 2018 at 11:06:20AM -0400, Joe Conway wrote: > > > Even if they are encrypted with the same key, they use different > > > initialization vectors that are stored inside the encrypted payload, so > > > you really can't identify much except the length, as Robert stated. > > Definitely use different IVs, and don't reuse them (or use cipher modes > where IV reuse is not fatal). > > > The more you encrypt with a single key, the more fuel you give to the > > person trying to solve for the key with cryptanalysis. > > With modern 128-bit block ciphers in modern cipher modes you'd have to > encrypt enough data to make this not a problem. On the other hand, > you'll still have other reasons to do key rotation. Key rotation > ultimately means re-encrypting everything. Getting all of this right is > very difficult. > > So again, what's the threat model? Because if it's sysadmins/DBAs > you're afraid of, there are better things to do. Agreed. Databases just don't match to the typical cryptographic solutions and threat models. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +