Re: Threat models for DB cryptography (Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key) Management Service (KMS)

From: Nico Williams <nico(at)cryptonector(dot)com>
To: Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>
Cc: "Tsunakawa, Takayuki" <tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, Bruce Momjian <bruce(at)momjian(dot)us>, Joe Conway <mail(at)joeconway(dot)com>
Subject: Re: Threat models for DB cryptography (Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key) Management Service (KMS)
Date: 2018-07-03 11:44:34
Message-ID: 20180703114433.GA8162@localhost
Lists: pgsql-hackers

On Tue, Jul 03, 2018 at 07:28:42PM +0900, Masahiko Sawada wrote:
> On Tue, Jul 3, 2018 at 7:16 AM, Nico Williams <nico(at)cryptonector(dot)com> wrote:
> > Yes, but piecemeal encryption seems like a bad idea to me.
>
> What do you mean by "piecemeal encryption"? Is it not-whole database
> encryption such as per-table or per-tablespace? If so could you please
> elaborate on the reason why you think so?

I mean that encrypting some columns only, or some tables only, has
integrity protection issues. See earlier posts in this thread.

Encrypting the whole DB has no such problems, assuming you're doing the
crypto correctly anyways. But for full DB encryption it's easier to
leave the crypto to the filesystem or device drivers. (If the devices
are physically in the host and cannot be removed easily, then FDE at the
device works well too.)

Nico
--
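The following is an added example for readers of this archive page; it is not part of Nico Williams's message and not PostgreSQL code. It illustrates one concrete form the integrity problem of column-level encryption can take: an encrypted value that is authenticated on its own, without being tied to the row and column it belongs to, still decrypts cleanly after it has been moved to another row (by a storage-level mix-up or any other means), so the misplacement goes unnoticed. Binding the ciphertext to its table, row id and column through AES-GCM associated data makes decryption fail in that case. The table name, column name, sample rows and the AAD layout are constructed for this example; the cipher is Go's standard-library AES-GCM.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Row is a constructed stand-in for a table row in which only the Salary
// column is encrypted; ID and Name are stored in the clear.
type Row struct {
	ID     uint64
	Name   string
	Salary []byte // nonce || AES-GCM ciphertext || tag
}

// rowContext is the associated data that ties a ciphertext to the table,
// row and column it belongs to. The layout (table, NUL, id, NUL, column)
// is an assumption of this example, not any PostgreSQL format.
func rowContext(table string, id uint64, column string) []byte {
	idBytes := make([]byte, 8)
	binary.BigEndian.PutUint64(idBytes, id)
	ctx := append([]byte(table), 0)
	ctx = append(ctx, idBytes...)
	ctx = append(ctx, 0)
	return append(ctx, column...)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts plaintext under key; aad is bound into the authentication
// tag but not stored with the value.
func seal(key, aad, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal; it fails if the ciphertext, tag or aad do not match.
func open(key, aad, blob []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(blob) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, blob[:ns], blob[ns:], aad)
}

// aadFor returns no associated data for the naive scheme and the row
// context for the bound scheme.
func aadFor(table string, r *Row, bind bool) []byte {
	if !bind {
		return nil
	}
	return rowContext(table, r.ID, "salary")
}

// MisplacementDetected encrypts the salary column of two rows, exchanges
// the two stored values (standing in for any mix-up of ciphertexts between
// rows), then reports whether decrypting row 1 afterwards fails. Only the
// context-bound variant notices that the value does not belong to row 1.
func MisplacementDetected(bind bool) (bool, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return false, err
	}
	const table = "employees" // constructed sample data
	rows := []Row{{ID: 1, Name: "alice"}, {ID: 2, Name: "bob"}}
	for i, salary := range []string{"50000", "90000"} {
		blob, err := seal(key, aadFor(table, &rows[i], bind), []byte(salary))
		if err != nil {
			return false, err
		}
		rows[i].Salary = blob
	}
	rows[0].Salary, rows[1].Salary = rows[1].Salary, rows[0].Salary
	_, err := open(key, aadFor(table, &rows[0], bind), rows[0].Salary)
	return err != nil, nil
}

func main() {
	for _, bind := range []bool{false, true} {
		detected, err := MisplacementDetected(bind)
		if err != nil {
			panic(err)
		}
		fmt.Printf("context bound=%v: misplaced value detected=%v\n", bind, detected)
	}
}
```

Note that the bound variant only protects the encrypted column: the plaintext Name column in the same row carries no integrity at all, which is the other half of why encrypting only some columns or tables leaves gaps that whole-database or filesystem-level encryption does not.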
