| From: | Jacob Champion <jchampion(at)timescale(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Transparent column encryption |
| Date: | 2022-08-31 23:29:00 |
| Message-ID: | CAAWbhmj53wVRD-8NKUZ-dKuzDi_NcNSd3x80SOYxVs5zv6UAdw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Aug 30, 2022 at 4:53 AM Peter Eisentraut
<peter(dot)eisentraut(at)enterprisedb(dot)com> wrote:
> I would be interested in learning more about such padding systems. I
> have done a lot of reading for this development project, and I have
> never come across a cryptographic approach to hide length differences by
> padding. Of course, padding to the block cipher's block size is already
> part of the process, but that is done out of necessity, not because you
> want to disguise the length. Are there any other methods? I'm
> interested to learn more.
TLS 1.3 has one example. Here is a description from GnuTLS:
https://gnutls.org/manual/html_node/On-Record-Padding.html (Note the
option to turn on constant-time padding; that may not be a good
tradeoff for us if we're focusing on offline attacks.)
Here's a recent paper that claims to formally characterize length
hiding, but it's behind a wall and I haven't read it:
https://dl.acm.org/doi/abs/10.1145/3460120.3484590
I'll try to find more when I get the chance.
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2022-08-31 23:29:12 | Re: Doc patch |
| Previous Message | David Rowley | 2022-08-31 23:28:14 | Re: Small cleanups to tuplesort.c and a bonus small performance improvement |