Skip site navigation (1) Skip section navigation (2)

Re: creating table with an encrypted filed

From: "Retzlaw Heinrich" <hretzlaw(at)etm-ag(dot)com>
To: <pgsql-novice(at)postgresql(dot)org>
Subject: Re: creating table with an encrypted filed
Date: 2002-11-11 10:14:59
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-novice
if you write the following command in postgresql:
SELECT * FROM pg_user;
You see a list of users and in the field with the users password 'passwd'
you only see '********'. It is not important how long the password is, you
only see 8 '*'.
So every user only see stars in that field. It does not matter what Data
Type the field is. But I do not know how to do that.
Heinrich Retzlaw

-----Urspr├╝ngliche Nachricht-----
Von: pgsql-novice-owner(at)postgresql(dot)org
[mailto:pgsql-novice-owner(at)postgresql(dot)org]Im Auftrag von Nick Sayer
Gesendet: Freitag, 8. November 2002 18:21
An: hretzlaw(at)prj1(dot)etm-ag(dot)com
Cc: pgsql-novice(at)postgresql(dot)org
Betreff: Re: [NOVICE] creating table with an encrypted filed

It sort of begs the question: Who is it you're protecting the field
from? Clearly some classes of user need to access the data and some
don't. You can use encryption as a means of access control, certainly,
but typically it's better to just use access control (GRANT and DENY).
Apart from database access, the only way to get access to the tables is
through the filesystem, and if an attacker is in a position to rape your
filesystem, you've probably got much bigger problems.

Passwords are a special case - typically the question you ask about
passwords is 'did the user supply the correct one?' not 'what is the
user's password?' In this circumstance, it is safer to store a hash of
the user's password. My prefered method is to use the MD5 hash of the
user's login name, a ':' (or some other separator) and the user's
password. The addition of the username means that two users who have the
same password won't *look* like they do if someone somehow gets ahold of
the list and tries an offline dictionary attack.

This fails for situations like IMAP non-plaintext authentications where
the server actually has to know the user's plaintext password, but that
sort of thing is beyond the scope of this e-mail. :-)

Retzlaw Heinrich wrote:

> Hello,
> I want to create a table with an encrypted field for a password entry, so
> that you can see only ********.
> And can I encrypt fields which datatype is an integer or a timestamp?
> Thank you
> Best regards Heinrich
> Heinrich Retzlaw - Software Developer
> ETM Deutschland GmbH
> Adenauerstra├če 20-A1, D-52146 Aachen
> Tel. +49/2405/483-0, Fax -707
> E-Mail: hretzlaw(at)etm(dot)at
> Web:
> ------------------------------------------------------------------------
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org

In response to

pgsql-novice by date

Next:From: Josh BerkusDate: 2002-11-11 18:16:34
Subject: Re: Best practice for altering a table
Previous:From: Tom LaneDate: 2002-11-11 05:16:01
Subject: Re: Best practice for altering a table

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group