| From: | Sehrope Sarkuni <sehrope(at)jackdb(dot)com> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Joe Conway <mail(at)joeconway(dot)com>, Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>, Antonin Houska <ah(at)cybertec(dot)at>, Stephen Frost <sfrost(at)snowman(dot)net>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>, "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, Ibrar Ahmed <ibrar(dot)ahmad(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
| Date: | 2019-07-26 01:11:18 |
| Message-ID: | CAH7T-ap1Q9yHjGSO4ZJaVhU3L=u14TSHmR++Ccc_Hk3EoqKpUQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jul 25, 2019 at 8:50 PM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> On Thu, Jul 25, 2019 at 08:44:40PM -0400, Sehrope Sarkuni wrote:
> > You can still use CTR mode and include those to make the key + IV unique
> by
> > adding them to the derived key rather than the IV.
> >
> > The IV per-page would still be LSN + page-number (with the block number
> added
> > as it's evaluated across the page) and the relfilenode, heap/index,
> database,
> > and anything else to make it unique can be included in the HKDF to
> create the
> > per-file derived key.
>
> I thought if we didn't have to hash the stuff together we would be less
> likely to get collisions with the IV.
>
IV creation not use any hashing and would never have collisions with the
same key as it's LSN + page + block (concatenation).
The derived keys would also not have collisions as the HKDF prevents that.
Deriving two matching keys with different inputs has the same chance as
randomly generating matching HMACs (effectively nil with something like
HMAC-SHA-256).
So there wouldn't be any reuse of the same key + IV. Even if two different
files are encrypted with the same LSN + page the total operation (key + IV)
would be different as they'd be using different derived keys.
Regards,
-- Sehrope Sarkuni
Founder & CEO | JackDB, Inc. | https://www.jackdb.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2019-07-26 01:16:06 | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
| Previous Message | Bruce Momjian | 2019-07-26 01:07:41 | Re: PG 12 draft release notes |