| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Ashwin Agrawal <ashwinstar(at)gmail(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Bruce Momjian <bruce(at)momjian(dot)us>, Ants Aasma <ants(at)cybertec(dot)at>, Sasasu <i(at)sasa(dot)su>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: storing an explicit nonce |
| Date: | 2021-10-07 19:38:28 |
| Message-ID: | CA+TgmoYYseXmPrSDJ5HBfgSr1O0cZPAJk2M2GzdVe+KWQZ7PeQ@mail.gmail.com |
| Lists: | pgsql-hackers |

On Thu, Oct 7, 2021 at 3:31 PM Ashwin Agrawal <ashwinstar(at)gmail(dot)com> wrote:

> Not at all knowledgeable on security topics (bravely using terms and recommendation), can we approach decisions like AES-XTS vs AES-GCM (which in turn decides whether we need to store nonce or not) based on which compliance it can achieve or not. Like can using AES-XTS make it FIPS 140-2 compliant or not?

To the best of my knowledge, the encryption mode doesn't have much to
do with whether such compliance can be achieved. The encryption
algorithm could matter, but I assume everyone still thinks AES is
acceptable. (We should assume that will eventually change.) The
encryption mode is, at least as I understand, more of an internal
thing that you have to get right to avoid having people break your
encryption and write papers about how they did it.
--
Robert Haas
EDB: http://www.enterprisedb.com