On Thu, Oct 7, 2021 at 11:45 AM Bruce Momjian <br...@momjian.us> wrote:
> I continue to be concerned that a page format change will decrease the
> desirability of this feature by making migration complex and increasing
> its code complexity. I am unclear if it is necessary.
>
> I think the big question is whether XTS with db/relfilenode/blocknumber
> is sufficient as an IV without a nonce that changes for updates.
Those are fair concerns. I think I agree with everything you say here.

There was some discussion earlier (not sure if it was on this thread) about integrity verification. And I don't think that there's any way we can do that without storing some kind of integrity verifier in each page. And if we're doing that anyway to support that feature, then there's no problem if it also includes the IV. I had read Stephen's previous comments to indicate that he thought we should go this way, and it sounded cool to me, too. However, it does make migrations somewhat more complex, because you would then have to actually dump-and-reload, rather than, perhaps, just encrypting all the existing pages while the cluster was offline. Personally, I'm not that fussed about that problem, but I'm also rarely the one who has to help people migrate to new releases, so I may not be as sympathetic to those problems there as I should be.

If we don't care about the integrity verification features, then as you say the next question is whether it's acceptable to use a predictable nonce that is computed from values that can be known without looking at the block contents. If so, we can forget about $SUBJECT and save ourselves some engineering work. If not, then I think we need to do $SUBJECT anyway. And so far I am not really convinced that we know which of those two things is the case. I don't, anyway.

--
Robert Haas
EDB: http://www.enterprisedb.com
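The two designs the thread is weighing can be made concrete. The following is an added example, not code from this thread or from PostgreSQL: a minimal AES-XTS over whole 16-byte blocks whose tweak is derived from (database OID, relfilenode, block number), beside an authenticated alternative that stores a fresh random nonce and an authentication tag in each page (AES-GCM is used here as a stand-in for the "integrity verifier" the message mentions; the thread does not name a mode). The tweak layout, the key, the 128-byte "page" and the OID/relfilenode/block values are all constructed for the example. It shows what the location-derived IV gives and costs: the same page at the same location always produces the same ciphertext, editing one 16-byte block changes only that ciphertext block, and a flipped ciphertext bit decrypts without error, whereas the nonce-plus-tag layout detects the same tampering at the price of extra bytes per page.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

const blockSize = 16

// Constructed sample values for the example: K1 || K2 for AES-128-XTS and a
// 128-byte stand-in for a page (8 identical 16-byte blocks).
var demoKey = append(bytes.Repeat([]byte{0x42}, 16), bytes.Repeat([]byte{0x24}, 16)...)
var demoPage = bytes.Repeat([]byte("PostgreSQL page "), 8)

// pageTweak builds the 16-byte XTS tweak from the page location, the
// "db/relfilenode/blocknumber" IV discussed in the thread. The layout is an
// assumption made for this example.
func pageTweak(dbOid, relfilenode, blockno uint32) []byte {
	t := make([]byte, blockSize)
	binary.LittleEndian.PutUint32(t[0:], dbOid)
	binary.LittleEndian.PutUint32(t[4:], relfilenode)
	binary.LittleEndian.PutUint32(t[8:], blockno)
	return t
}

// mulAlpha multiplies a GF(2^128) element by alpha in place (IEEE 1619
// little-endian convention, reduction polynomial x^128 + x^7 + x^2 + x + 1).
func mulAlpha(t []byte) {
	var carry byte
	for i := 0; i < blockSize; i++ {
		next := t[i] >> 7
		t[i] = t[i]<<1 | carry
		carry = next
	}
	if carry != 0 {
		t[0] ^= 0x87
	}
}

// xtsCrypt encrypts or decrypts a whole number of 16-byte blocks with AES-XTS.
// A database page is a multiple of 16 bytes, so no ciphertext stealing is needed.
func xtsCrypt(key, tweak, in []byte, decrypt bool) ([]byte, error) {
	if len(in) == 0 || len(in)%blockSize != 0 {
		return nil, fmt.Errorf("input must be a non-empty multiple of %d bytes", blockSize)
	}
	half := len(key) / 2
	k1, err := aes.NewCipher(key[:half]) // data key
	if err != nil {
		return nil, err
	}
	k2, err := aes.NewCipher(key[half:]) // tweak key
	if err != nil {
		return nil, err
	}
	t := make([]byte, blockSize)
	k2.Encrypt(t, tweak) // T_0 = E_K2(tweak); T_j = T_0 * alpha^j
	out := make([]byte, len(in))
	tmp := make([]byte, blockSize)
	for off := 0; off < len(in); off += blockSize {
		for i := range tmp {
			tmp[i] = in[off+i] ^ t[i]
		}
		if decrypt {
			k1.Decrypt(tmp, tmp)
		} else {
			k1.Encrypt(tmp, tmp)
		}
		for i := range tmp {
			out[off+i] = tmp[i] ^ t[i]
		}
		mulAlpha(t)
	}
	return out, nil
}

// changedBlocks lists the 16-byte block indexes at which two buffers differ.
func changedBlocks(a, b []byte) []int {
	var idx []int
	for off := 0; off+blockSize <= len(a) && off+blockSize <= len(b); off += blockSize {
		if !bytes.Equal(a[off:off+blockSize], b[off:off+blockSize]) {
			idx = append(idx, off/blockSize)
		}
	}
	return idx
}

// sealPage models the per-page nonce plus integrity verifier layout:
// output is nonce || ciphertext || tag, using AES-GCM with a 16-byte key.
func sealPage(key, page []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(blk)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, page, nil), nil
}

// openPage verifies the tag and decrypts; any modified byte yields an error.
func openPage(key, sealed []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(blk)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(sealed) < ns+gcm.Overhead() {
		return nil, errors.New("sealed page too short")
	}
	return gcm.Open(nil, sealed[:ns], sealed[ns:], nil)
}

func main() {
	tweak := pageTweak(16384, 16385, 7) // constructed dboid/relfilenode/blockno
	c1, _ := xtsCrypt(demoKey, tweak, demoPage, false)
	c2, _ := xtsCrypt(demoKey, tweak, demoPage, false)
	fmt.Println("same page, same location, same ciphertext:", bytes.Equal(c1, c2))
	edited := append([]byte(nil), demoPage...)
	edited[3*blockSize] ^= 0x01
	c3, _ := xtsCrypt(demoKey, tweak, edited, false)
	fmt.Println("ciphertext blocks changed after editing block 3:", changedBlocks(c1, c3))
	tampered := append([]byte(nil), c1...)
	tampered[5*blockSize+2] ^= 0x80
	p, err := xtsCrypt(demoKey, tweak, tampered, true)
	fmt.Println("XTS decrypt of tampered page errors:", err != nil, "garbled blocks:", changedBlocks(demoPage, p))
	sealed, _ := sealPage(demoKey[:16], demoPage)
	sealed[len(sealed)-1] ^= 0x80
	_, err = openPage(demoKey[:16], sealed)
	fmt.Println("GCM open of tampered page errors:", err != nil, "extra bytes per page:", len(sealed)-len(demoPage))
}
```

The deterministic tweak keeps the page format unchanged, which is the migration argument in Bruce's message, but it means anyone comparing two copies of the same file can see which 16-byte blocks changed and whether a page was reverted, and nothing in the page tells the server a bit was flipped. The nonce-plus-tag layout gives both properties back, at the cost of the per-page space and the page format change the thread is worried about.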