From: | Andrew Chernow <ac(at)esilo(dot)com> |
---|---|
To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
Cc: | Greg Stark <gsstark(at)mit(dot)edu>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: New types for transparent encryption |
Date: | 2009-07-08 02:59:48 |
Message-ID: | 4A540BA4.7020300@esilo.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Andrew Dunstan wrote:
>
>
> Andrew Chernow wrote:
>>
>>> Encrypting lots of small chunks of data with the same key is a very
>>> dangerous thing to do and it's very tricky to get right.
>>
>> Using an initialization vector (IV) is the way to go, recommend using
>> CBC or CFB mode. Although, an IV is never supposed to be used more
>> than once with the same key; that can leak hints about the plaintext.
>> Where is the randomly generated IV stored for use during decryption?
>
> Well, you can store it along with the encrypted data. The IV doesn't
> need to be secret, just random. I do that for one of my clients.
>
That's correct. Duh!?! Probably the first N bytes of the cipher text.
Would the IV be regenerated every time the plaintext is updated, to avoid using
it twice? For instace: update t set text = 'abc' where id = 1 . ISTM that the
IV for OLD.text should be thrown away.
Where would the key come from? Where would it be stored? What cipher is used?
--
Andrew Chernow
eSilo, LLC
every bit counts
http://www.esilo.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2009-07-08 03:46:28 | Re: *_collapse_limit, geqo_threshold |
Previous Message | Andrew Dunstan | 2009-07-08 02:49:09 | Re: New types for transparent encryption |