Skip site navigation (1) Skip section navigation (2)

Re: Article on DB encryption

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Silvana Di Martino <silvanadimartino(at)tin(dot)it>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: Article on DB encryption
Date: 2004-03-08 19:19:23
Message-ID: 200403081919.i28JJNn18271@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-admin
Silvana Di Martino wrote:
> And this one shows a feasible solution for PostgreSQL (using pgcrypto):
> 
> "Oracle has one of the best solutions for in-database encryption-decryption 
> keys. It stores the keys, encrypted, in a table. For users with access 
> rights, it decrypts the keys, which in turn decrypt the desired data. The 
> downside, of course, is that you have unencrypted data on the network, but 
> the benefit is making access to encrypted data secure. Not even the database 
> administrator can see the unencrypted data--even the keys to get at the data 
> are encrypted. This solution can be implemented in any of the major 
> databases, and Oracle provides a secure key generator as well as other tools 
> to get you started."

Interesting.  I can see how the client decrypts the stored password, but
I don't see how the server works with that decrypted password.  

I can see how the client could use it to decrypt data on their end, or
send the password as part of the query as an argument to a pg_crypto
function.

The user could decrypt it and store it in a temporary table, and join to
that table in queries, and pass that decrypted password column to
pg_crypto functions, but do we guarantee that that temp table would not
be on the disk if the server crashes and is then stolen?  Seems
server-side variables would be a natural, secure use for this that temp
tables don't supply.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

In response to

Responses

pgsql-admin by date

Next:From: scott.marloweDate: 2004-03-08 19:42:50
Subject: Re: Problem with data format
Previous:From: Silvana Di MartinoDate: 2004-03-08 18:33:39
Subject: Re: pgcrypto and database encryption

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group