From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Alastair Turner <minion(at)decodable(dot)me> |
Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Masahiko Sawada <masahiko(dot)sawada(at)2ndquadrant(dot)com> |
Subject: | Re: Proposed patch for key managment |
Date: | 2020-12-22 21:13:06 |
Message-ID: | 20201222211306.GA9170@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Dec 22, 2020 at 08:15:27PM +0000, Alastair Turner wrote:
> Hi Bruce
>
> In ckey_passphrase.sh.sample
>
> +
> +echo "$PASS" | sha256sum | cut -d' ' -f1
> +
>
> Under the threat model discussed, a copy of the keyfile could be
> attacked offline. So getting from passphrase to DEKs should be as
> resource intensive as possible to slow down brute-force attempts.
> Instead of just a SHA hash, this should be at least a PBKDF2 (PKCS#5)
I am satisfied with the security of SHA256.
> On Tue, 22 Dec 2020 at 15:40, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> >
> > Here is an updated patch. Are people happy with the Makefile, its
> > location in the source tree, and the install directory name? I used the
> > directory name 'auth_commands' because I thought 'auth' was too easily
> > misinterpreted. I put the scripts in /src/backend/utils/auth_commands.
> >
>
> What's implemented in these patches is an internal keystore, wrapped
> with a key derived from a passphrase. I'd think that the scripts
> directory should reflect what they interact with, so
> 'keystore_commands' or 'local_keystore_command' sounds more specific
> and therefore better than 'auth_commands'.
The point is that some commands are used for keystore and some for SSL
certificate passphrase entry, hence "auth".
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee
From | Date | Subject | |
---|---|---|---|
Next Message | Justin Pryzby | 2020-12-22 21:15:37 | Re: Allow CLUSTER, VACUUM FULL and REINDEX to change tablespace on the fly |
Previous Message | Fabien COELHO | 2020-12-22 20:50:36 | Re: [PATCH] Automatic HASH and LIST partition creation |