Quick Links

Re: Transparent column encryption

From:	Greg Stark <stark(at)mit(dot)edu>
To:	Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>
Cc:	pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Transparent column encryption
Date:	2021-12-16 04:47:39
Message-ID:	CAM-w4HPmmOvLDXEAT8x-SCMz7FTn5BXn_oKU5itXGOMeq-z13A@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

> In the server, the encrypted datums are stored in types called
> encryptedr and encryptedd (for randomized and deterministic
> encryption). These are essentially cousins of bytea.

Does that mean someone could go in with psql and select out the data
without any keys and just get a raw bytea-like representation? That
seems like a natural and useful thing to be able to do. For example to
allow dumping a table and loading it elsewhere and transferring keys
through some other channel (perhaps only as needed).

In response to

Transparent column encryption at 2021-12-03 21:32:21 from Peter Eisentraut

Responses

Re: Transparent column encryption at 2021-12-16 11:23:11 from Peter Eisentraut

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2021-12-16 04:55:41	Re: pg_dump versus ancient server versions
Previous Message	Greg Stark	2021-12-16 04:23:12	Re: [PATCH] Document heuristics for parameterized paths