| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Ants Aasma <ants(at)cybertec(dot)at>, Sasasu <i(at)sasa(dot)su>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: storing an explicit nonce |
| Date: | 2021-10-07 16:54:47 |
| Message-ID: | 20211007165447.GD5475@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Oct 7, 2021 at 12:29:04PM -0400, Robert Haas wrote:
> On Thu, Oct 7, 2021 at 11:45 AM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> > I continue to be concerned that a page format change will decrease the
> > desirability of this feature by making migration complex and increasing
> > its code complexity. I am unclear if it is necessary.
> >
> > I think the big question is whether XTS with db/relfilenode/blocknumber
> > is sufficient as an IV without a nonce that changes for updates.
>
> Those are fair concerns. I think I agree with everything you say here.
>
> There was some discussion earlier (not sure if it was on this thread)
> about integrity verification. And I don't think that there's any way
> we can do that without storing some kind of integrity verifier in each
> page. And if we're doing that anyway to support that feature, then
> there's no problem if it also includes the IV. I had read Stephen's
Agreed.
> previous comments to indicate that he thought we should go this way,
> and it sounded cool to me, too. However, it does make migrations
Uh, what has not been publicly stated yet is that there was a meeting,
prompted by Stephen, with him, Cybertec staff, and myself on September
16 at the Cybertec office in Vienna to discuss this. After vigorous
discussion, it was agreed that a simpliied version of this feature would
be implemented that would not have temper detection (beyond encrypted
checksums) and would use XTS so that the LSN would not need to be used.
> If we don't care about the integrity verification features, then as
> you say the next question is whether it's acceptable to use a
> predictable nonce that is computing from values that can be known
> without looking at the block contents. If so, we can forget about
> $SUBJECT and save ourselves some engineering work. If not, then I
Yes, that is now the question.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
If only the physical world exists, free will is an illusion.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2021-10-07 16:55:33 | Re: storing an explicit nonce |
| Previous Message | Robert Haas | 2021-10-07 16:54:17 | Re: Role Self-Administration |