Re: storing an explicit nonce

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Ants Aasma <ants(at)cybertec(dot)at>
Cc: Antonin Houska <ah(at)cybertec(dot)at>, Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>, Sasasu <i(at)sasa(dot)su>
Subject: Re: storing an explicit nonce
Date: 2021-10-12 21:53:01
Message-ID: CAOuzzgp-e9e-zj0qqdcM0Qk7JbKvOWMhaT+cSaiVQfSPrH_WOg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Greetings,

On Tue, Oct 12, 2021 at 17:49 Ants Aasma <ants(at)cybertec(dot)at> wrote:

>
> On Wed, 13 Oct 2021 at 00:25, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
>
>> On Tue, Oct 12, 2021 at 11:21:28PM +0300, Ants Aasma wrote:
>> > On Tue, 12 Oct 2021 at 16:14, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
>> >
>> > Well, how do you detect an all-zero page vs a page that encrypted
>> to all
>> > zeros?
>> >
>> > Page encrypting to all zeros is for all practical purposes impossible
>> to hit.
>> > Basically an attacker would have to be able to arbitrarily set the whole
>> > contents of the page and they would then achieve that this page gets
>> ignored.
>>
>> Uh, how do we know that valid data can't produce an encrypted all-zero
>> page?
>>
>
> Because the chances of that happening by accident are equivalent to making
> a series of commits to postgres and ending up with the same git commit hash
> 400 times in a row.
>

And to then have a valid checksum … seems next to impossible.

Thanks,

Stephen

>

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Greg Stark 2021-10-12 22:04:35 Re: Temporary tables versus wraparound... again
Previous Message Ants Aasma 2021-10-12 21:48:51 Re: storing an explicit nonce