Re: Page-Level Encryption

From: Scott Marlowe <smarlowe(at)g2switchworks(dot)com>
To: David Blewett <david(at)dawninglight(dot)net>
Cc: pgsql general <pgsql-general(at)postgresql(dot)org>
Subject: Re: Page-Level Encryption
Date: 2006-01-20 20:37:19
Message-ID: 1137789439.25500.162.camel@state.g2switchworks.com
Lists: pgsql-general

On Fri, 2006-01-20 at 14:24, David Blewett wrote:
> I'm not sure if this is the right list for this message; if it's not,
> let me know and I'll take it up elsewhere. I found this thread today:
> <http://groups.google.com/group/comp.databases.postgresql.hackers/browse_thread/thread/4587283b3b3a5aec>
>
> I would be very interested if it's possible to encrypt data in
> Postgres, at a lower level than individual columns but not as low as
> the filesystem. I.e., either be able to encrypt a single database or a
> single table but still be able to use normal SQL against it.
>
> I'm designing an IMAP server that will be using Peter Gutmann's
> Cryptlib to encrypt the message bodies using different keys for each
> user, and storing it as a binary large object in Postgres. However, I
> still would like to do full-text indexing of the mail. I would index
> the message, then encrypt it and store it in the database. This leaves
> the fulltext index open to attack, however. While the complete message
> would probably not be reproducible (someone correct me?), a significant
> portion of it probably could.
>
> Having the table containing the index, or the database object,
> encrypted would protect against system admins,

IF they've got root, and the unencrypted data or the password / key is
on the machine or in memory on it, you've lost. It may make it harder
for them to get it, but they can.
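
The concern quoted above about the full-text index, as an added example that is not part of the original thread: the message body is taken to be stored encrypted, and the code works only from a plaintext index built before encryption. The sample message, the stopword list, and the assumption that the index keeps word positions (stemming is omitted) are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample message body (not from the thread).
MESSAGE = ("The wire transfer for the Henderson account is scheduled for Friday. "
           "Please send the routing number and the signed contract to the bank.")

# Small stopword list; an assumption standing in for a real full-text configuration.
STOPWORDS = {"the", "for", "is", "and", "to", "a", "of", "please"}


def tokenize(text):
    """Lowercase the text and split it into word tokens."""
    return re.findall(r"[a-z0-9']+", text.lower())


def build_index(text):
    """Positional inverted index: term -> word positions, stopwords dropped."""
    index = defaultdict(list)
    for pos, word in enumerate(tokenize(text)):
        if word not in STOPWORDS:
            index[word].append(pos)
    return dict(index)


def reconstruct(index):
    """Rebuild the word sequence from the index alone; unindexed slots become '_'."""
    length = max(p for positions in index.values() for p in positions) + 1
    slots = ["_"] * length
    for term, positions in index.items():
        for p in positions:
            slots[p] = term
    return slots


def recovered_fraction(text, index):
    """Share of the original words that the plaintext index reveals."""
    return sum(len(p) for p in index.values()) / len(tokenize(text))


if __name__ == "__main__":
    idx = build_index(MESSAGE)  # the only thing a reader of the index table sees
    print(" ".join(reconstruct(idx)))
    print(f"{recovered_fraction(MESSAGE, idx):.0%} of words recovered")
```

Only stopwords are missing from the rebuilt text, so the index has to be protected to the same level as the message bodies it describes.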
