Re: storing an explicit nonce

Stephen Frost <sfrost@snowman.net>

From: Stephen Frost <sfrost@snowman.net>
To: Ants Aasma <ants@cybertec.at>
Cc: Antonin Houska <ah@cybertec.at>, Bruce Momjian <bruce@momjian.us>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>, Robert Haas <robertmhaas@gmail.com>, Sasasu <i@sasa.su>
Date: 2021-10-12T21:53:01Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Rethink method for assigning OIDs to the template0 and postgres DBs.

  2. pg_upgrade: Preserve database OIDs.

  3. pg_upgrade: Preserve relfilenodes and tablespace OIDs.

  4. Fix for new Boolean node

  5. Improve error handling of HMAC computations

  6. Add macro RelationIsPermanent() to report relation permanence

  7. Enhance nbtree index tuple deletion.

Greetings,

On Tue, Oct 12, 2021 at 17:49 Ants Aasma <ants@cybertec.at> wrote:

>
> On Wed, 13 Oct 2021 at 00:25, Bruce Momjian <bruce@momjian.us> wrote:
>
>> On Tue, Oct 12, 2021 at 11:21:28PM +0300, Ants Aasma wrote:
>> > On Tue, 12 Oct 2021 at 16:14, Bruce Momjian <bruce@momjian.us> wrote:
>> >
>> >     Well, how do you detect an all-zero page vs a page that encrypted
>> to all
>> >     zeros?
>> >
>> > Page encrypting to all zeros is for all practical purposes impossible
>> to hit.
>> > Basically an attacker would have to be able to arbitrarily set the whole
>> > contents of the page and they would then achieve that this page gets
>> ignored.
>>
>> Uh, how do we know that valid data can't produce an encrypted all-zero
>> page?
>>
>
> Because the chances of that happening by accident are equivalent to making
> a series of commits to postgres and ending up with the same git commit hash
> 400 times in a row.
>

And to then have a valid checksum … seems next to impossible.

Thanks,

Stephen

>