From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Nico Williams <nico(at)cryptonector(dot)com> |
Cc: | Joe Conway <mail(at)joeconway(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
Date: | 2018-06-21 15:56:39 |
Message-ID: | 20180621155639.GD24547@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, Jun 20, 2018 at 05:28:43PM -0500, Nico Williams wrote:
> On Wed, Jun 20, 2018 at 06:19:40PM -0400, Joe Conway wrote:
> > On 06/20/2018 05:12 PM, Bruce Momjian wrote:
> > > On Mon, Jun 18, 2018 at 11:06:20AM -0400, Joe Conway wrote:
> > > Even if they are encrypted with the same key, they use different
> > > initialization vectors that are stored inside the encrypted payload, so
> > > you really can't identify much except the length, as Robert stated.
>
> Definitely use different IVs, and don't reuse them (or use cipher modes
> where IV reuse is not fatal).
>
> > The more you encrypt with a single key, the more fuel you give to the
> > person trying to solve for the key with cryptanalysis.
>
> With modern 128-bit block ciphers in modern cipher modes you'd have to
> encrypt enough data to make this not a problem. On the other hand,
> you'll still have other reasons to do key rotation. Key rotation
> ultimately means re-encrypting everything. Getting all of this right is
> very difficult.
>
> So again, what's the threat model? Because if it's sysadmins/DBAs
> you're afraid of, there are better things to do.
Agreed. Databases just don't match to the typical cryptographic
solutions and threat models.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
From | Date | Subject | |
---|---|---|---|
Next Message | Konstantin Knizhnik | 2018-06-21 16:04:04 | Re: libpq compression |
Previous Message | Bruce Momjian | 2018-06-21 15:55:11 | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |