Re: Encryption in pg_dump

From: Paul Förster <paul(dot)foerster(at)gmail(dot)com>
To: Tal Glo <glozmantal(at)gmail(dot)com>
Cc: Ron <ronljohnsonjr(at)gmail(dot)com>, pgsql-admin(at)lists(dot)postgresql(dot)org
Subject: Re: Encryption in pg_dump
Date: 2020-07-23 09:05:19
Message-ID: 0EF8B591-3363-4D66-AEB8-CC1F34A53DD7@gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Hi Tal,

> On 23. Jul, 2020, at 10:27, Tal Glo <glozmantal(at)gmail(dot)com> wrote:
> There is a way to implement full homomorphic encryption (FHE) with Postgres.

ok.

> I've used a relatively old version (2.3.1) of Microsoft's SEAL library in my University project for that.

I don't know about Windows but I assume, Linux would be similar?

> 2. Handling queries related to FHE encrypted attributes on the server side requires an implementation of own C language functions.

we don't do that. Also, we have third party applications. In case they need to be modified, this is impossible.

> It's not always a good Idea to say that something cannot be done or that some one needs to be replaced. Sometimes it's worth to develop some new process, based on a mixture of available technologies out there.

right, but only if it makes sense. To put a wallet in the file system and its key right next to it does not make sense but only serves to make IT heads and security "gurus" go quiet. In these cases, only replacing them by competent ones helps.

Cheers,
Paul

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Ron 2020-07-23 09:12:30 Re: Encryption in pg_dump
Previous Message Tal Glo 2020-07-23 08:27:06 Re: Encryption in pg_dump