Re: storing an explicit nonce
Bruce Momjian <bruce@momjian.us>
From: Bruce Momjian <bruce@momjian.us>
To: Sasasu <i@sasa.su>
Cc: pgsql-hackers@lists.postgresql.org
Date: 2021-09-27T20:34:48Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Rethink method for assigning OIDs to the template0 and postgres DBs.
- 2cb1272445d2 15.0 landed
-
pg_upgrade: Preserve database OIDs.
- aa01051418f1 15.0 landed
-
pg_upgrade: Preserve relfilenodes and tablespace OIDs.
- 9a974cbcba00 15.0 landed
-
Fix for new Boolean node
- cf925936ecc0 15.0 cited
-
Improve error handling of HMAC computations
- 5513dc6a304d 15.0 cited
-
Add macro RelationIsPermanent() to report relation permanence
- 95d77149c535 14.0 landed
-
Enhance nbtree index tuple deletion.
- d168b666823b 14.0 cited
On Sun, Sep 5, 2021 at 10:51:42PM +0800, Sasasu wrote: > Hi, community, > > It looks like we are still considering AES-CBC, AES-XTS, and AES-GCM(-SIV). > I want to say something that we don't think about. > > For AES-CBC, the IV should be not predictable. I think LSN or HASH(LSN, > block number or something) is predictable. There are many CVE related to > AES-CBC with a predictable IV. The LSN would change every time the page is modified, so while the LSN could be predicted, it would not be reused. However, there is currently no work being done on page-level encryption of Postgres. -- Bruce Momjian <bruce@momjian.us> https://momjian.us EDB https://enterprisedb.com If only the physical world exists, free will is an illusion.