Re: Moving forward with TDE

From: David Christensen <david(dot)christensen(at)crunchydata(dot)com>
To: Aleksander Alekseev <aleksander(at)timescale(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Stephen Frost <sfrost(at)snowman(dot)net>
Subject: Re: Moving forward with TDE
Date: 2022-11-03 22:06:23
Message-ID: CAOxo6XLmZGvzgeEttHSJfHKQrY-rWk0xyK-JFcVe9qT4DbBf_Q@mail.gmail.com
Lists: pgsql-hackers

> Unless somebody in the community remembers open questions/issues with
> TDE that were never addressed I suggest simply iterating with our
> usual testing/reviewing process. For now I'm going to change the
> status of the CF entry [1] to "Waiting for Author" since the patchset
> doesn't pass the CI [2].

Thanks, enclosed is a new version that is rebased on HEAD and fixes a
bug that the new pg_control_init() test picked up.

One known issue (just discovered by me in testing the latest revision) is
that databases created from `template0` are not decrypting properly,
but `template1` works fine, so I'm going to dig in on that soon.

> One limitation of the design described on the wiki I see is that it
> seems to heavily rely on AES:
>
> > We will use Advanced Encryption Standard (AES) [4]. We will offer three key length options (128, 192, and 256-bits) selected at initdb time with --file-encryption-method
>
> (there doesn't seem to be any mention of the hash/MAC algorithms,
> that's odd). In the future we should be able to add the support of
> alternative algorithms. The reason is that the algorithms can become
> weak every 20 years or so, and the preferred algorithms may also
> depend on the region. This should NOT be implemented in this
> particular patchset, but the design shouldn't prevent us from
> implementing this in the future.

Yes, we definitely are considering multiple algorithms support as part
of this effort.

Best,

David

Attachment Content-Type Size
v2-0001-cfe-01-doc_over_master-squash-commit.patch application/octet-stream 10.1 KB
v2-0005-cfe-05-crypto_over_cfe-04-common-squash-commit.patch application/octet-stream 23.7 KB
v2-0002-cfe-02-internaldoc_over_cfe-01-doc-squash-commit.patch application/octet-stream 11.4 KB
v2-0003-cfe-03-scripts_over_cfe-02-internaldoc-squash-com.patch application/octet-stream 13.8 KB
v2-0004-cfe-04-common_over_cfe-03-scripts-squash-commit.patch application/octet-stream 32.8 KB
v2-0007-cfe-07-bin_over_cfe-06-backend-squash-commit.patch application/octet-stream 33.3 KB
v2-0006-cfe-06-backend_over_cfe-05-crypto-squash-commit.patch application/octet-stream 23.0 KB
v2-0008-cfe-08-pg_alterckey_over_cfe-07-bin-squash-commit.patch application/octet-stream 30.8 KB
v2-0009-cfe-09-test_over_cfe-08-pg_alterckey-squash-commi.patch application/octet-stream 114.0 KB
v2-0010-cfe-10-hint_over_cfe-09-test-squash-commit.patch application/octet-stream 17.6 KB
v2-0011-cfe-11-gist_over_cfe-10-hint-squash-commit.patch application/octet-stream 7.1 KB
v2-0012-cfe-12-rel_over_cfe-11-gist-squash-commit.patch application/octet-stream 33.0 KB
