Quick Links

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)

From:	Antonin Houska <ah(at)cybertec(dot)at>
To:	Robert Haas <robertmhaas(at)gmail(dot)com>
Cc:	Bruce Momjian <bruce(at)momjian(dot)us>, Sehrope Sarkuni <sehrope(at)jackdb(dot)com>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Joe Conway <mail(at)joeconway(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>, Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>, "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, Ibrar Ahmed <ibrar(dot)ahmad(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Date:	2019-11-02 12:24:37
Message-ID:	4100.1572697477@antos
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Robert Haas <robertmhaas(at)gmail(dot)com> wrote:

> On Mon, Aug 5, 2019 at 8:44 PM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> > Right. The 8k page LSN changes each time the page is modified, and the
> > is part of the page nonce.
>
> What about hint bit changes?
>
> I think even with wal_log_hints=on, it's not the case that *every*
> change to hint bits results in an LSN change.

Change to hint bits does not result in LSN change in the case I described here

https://www.postgresql.org/message-id/28452.1572443058%40antos

but I consider this a bug (BTW, I discovered this problem when thinking about
the use of LSN as encryption IV). Do you mean any other case? If LSN does not
get changed, then the related full-page image WAL record is not guaranteed to
be on disk during crash recovery. Thus if page checksum is invalid due to
torn-page write, there's now WAL record to fix the page.

--
Antonin Houska
Web: https://www.cybertec-postgresql.com

In response to

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) at 2019-11-01 20:07:39 from Robert Haas

Responses

Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) at 2019-11-11 17:33:01 from Robert Haas

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Antonin Houska	2019-11-02 12:34:41	Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS)
Previous Message	Andrey Borodin	2019-11-02 11:30:22	Re: pglz performance