Re: XTS cipher mode for cluster file encryption

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Andres Freund <andres(at)anarazel(dot)de>, Antonin Houska <ah(at)cybertec(dot)at>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>, Sasasu <i(at)sasa(dot)su>
Subject: Re: XTS cipher mode for cluster file encryption
Date: 2022-02-01 18:07:36
Message-ID: CAOuzzgrp9fYTP_B4OgY89bdF+7-nFVexturcWYw6SChwva-E8A@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Greetings,

On Tue, Feb 1, 2022 at 12:50 Bruce Momjian <bruce(at)momjian(dot)us> wrote:

> On Tue, Feb 1, 2022 at 07:45:06AM +0100, Antonin Houska wrote:
> > > With pg_upgrade modified to preserve the relfilenode, tablespace oid,
> and
> > > database oid, we are now closer to implementing cluster file encryption
> > > using XTS. I think we have a few steps left:
> > >
> > > 1. modify temporary file I/O to use a more centralized API
> > > 2. modify the existing cluster file encryption patch to use XTS with a
> > > IV that uses more than the LSN
> > > 3. add XTS regression test code like CTR
> > > 4. create WAL encryption code using CTR
> > >
> > > If we can do #1 in PG 15 I think I can have #2 ready for PG 16 in July.
> > > The feature wiki page is:
> > >
> > > https://wiki.postgresql.org/wiki/Transparent_Data_Encryption
> > >
> > > Do people want to advance this feature forward?
> >
> > I confirm that we (Cybertec) do and that we're ready to spend more time
> on the
> > community implementation.
>
> Well, I sent an email a week ago asking if people want to advance this
> feature forward, and so far you are the only person to reply, which I
> think means there isn't enough interest in this feature to advance it.

This confuses me. Clearly there’s plenty of interest, but asking on hackers
in a deep old sub thread isn’t a terribly good way to judge that. Yet even
when there is an active positive response, you argue that there isn’t
enough.

In general, I agree that the items you laid out are what the next steps
are. There are patches for some of those items already too and some of
them, such as consolidating the temporary file access, are beneficial even
without the potential to use them for encryption.

Instead of again asking if people want this feature (many, many, many do),
I’d encourage Antonin to start a new thread with the patch to do the
temporary file access consolidation which then provides a buffered access
and reduces the number of syscalls and work towards getting that committed,
ideally as part of this release.

Thanks,

Stephen

>

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2022-02-01 18:27:03 Re: XTS cipher mode for cluster file encryption
Previous Message Bruce Momjian 2022-02-01 17:50:46 Re: XTS cipher mode for cluster file encryption