pgcrypto: is an IV needed with pgp_sym_encrypt()?

From: Bill Moseley <moseley(at)hank(dot)org>
To: pgsql-general(at)postgresql(dot)org
Subject: pgcrypto: is an IV needed with pgp_sym_encrypt()?
Date: 2007-09-18 06:14:01
Message-ID: 20070918061401.GA6304@hank.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

I'm just starting with pgcrypto, and I'm curious if it's
needed/recommended to use an initialization vector/value (IV) with
the pgp_sym_encrypt() function.

The docs hint that an IV is used automatically, but encrypting plain
text that starts the same seems to result in initial common cipher
text. So, I'm not clear.

2. Data is prefixed with block of random bytes. This is equal to
using random IV.

So, I'm currently generating a substring of a md5 hash of a few items
and pre-pending that to the plain text I need to encrypt as the IV.
Then when I decrypt I remove that prefix.

BTW, this is for credit card storage, which is a business requirement.

Besides following the PCI DSS and external audit procedures, the plan
is to use pgcrypto (pgp_sym_encrypt() with AES-256) as part of a
credit card storage server. The server and db are SSL only and the
key is passed from the application and never stored anyplace (except
in memcached on other servers during the session). The key is a
user's plain text password plus an application-specific secret. So,
each row has its own key. Passwords must be changed periodically,
etc.

I'd welcome any comments or recommendations from others that have
implemented something similar.

Thanks,

--
Bill Moseley
moseley(at)hank(dot)org

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Ow Mun Heng 2007-09-18 06:38:10 Re: help w/ SRF function
Previous Message Ow Mun Heng 2007-09-18 06:11:16 CPU spike when doing PARSE (what is this?)