| From: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> |
|---|---|
| To: | "Moon, Insung" <Moon_Insung_i3(at)lab(dot)ntt(dot)co(dot)jp>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
| Date: | 2018-06-13 13:15:19 |
| Message-ID: | ca97b354-2008-b5ce-d8cc-a96389f3f052@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 05/25/2018 01:41 PM, Moon, Insung wrote:
> Hello Hackers,
>
> ...
>
> BTW, I want to support CBC mode encryption[3]. However, I'm not sure
> how to use the IV in CBC mode for this proposal. I'd like to hear
> opinions by security engineer.
>
I'm not a cryptographer either, but this is exactly where you need a
prior discussion about the threat models - there are a couple of
chaining modes, each with different weaknesses.
FWIW it may also matter if data_checksums are enabled, because that may
prevent malleability attacks affecting of the modes. Assuming active
attacker (with the ability to modify the data files) is part of the
threat model, of course.
regards
--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2018-06-13 13:20:58 | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
| Previous Message | Konstantin Knizhnik | 2018-06-13 13:09:45 | WAL prefetch |