From: | Ryan Lambert <ryan(at)rustprooflabs(dot)com> |
---|---|
To: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> |
Cc: | Joe Conway <mail(at)joeconway(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Bruce Momjian <bruce(at)momjian(dot)us>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Antonin Houska <ah(at)cybertec(dot)at>, Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>, "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, Ibrar Ahmed <ibrar(dot)ahmad(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
Date: | 2019-07-09 12:39:39 |
Message-ID: | CAN-V+g9MujYhhBT7+j1EWcJ7C1nPiKDy0-a-XgZVEpbg7GOeFg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hi Thomas,
> CBC mode does require
> random nonces, other modes may be fine with even sequences as long as
> the values are not reused.
I disagree that CBC mode requires random nonces, at least based on what
NIST has published. They only require that the IV (not the nonce) must be
unpredictable per [1]:
" For the CBC and CFB modes, the IVs must be unpredictable."
The unpredictable IV can be generated from a non-random nonce including a
counter:
"There are two recommended methods for generating unpredictable IVs. The
first method is to apply the forward cipher function, under the same key
that is used for the encryption of the plaintext, to a nonce. The nonce
must be a data block that is unique to each execution of the encryption
operation. For example, the nonce may be a counter, as described in
Appendix B, or a message number."
[1]
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf
Thanks,
Ryan Lambert
>
From | Date | Subject | |
---|---|---|---|
Next Message | Julien Rouhaud | 2019-07-09 12:56:37 | Re: Add parallelism and glibc dependent only options to reindexdb |
Previous Message | Andrew Dunstan | 2019-07-09 12:26:52 | Re: [Patch] Mingw: Fix import library extension, build actual static libraries |