Hi,
On 05/25/2018 01:41 PM, Moon, Insung wrote:
Hello Hackers,
...
BTW, I want to support CBC mode encryption[3]. However, I'm not sure
how to use the IV in CBC mode for this proposal. I'd like to hear
opinions by security engineer.
I'm not a cryptographer either, but this is exactly where you need a
prior discussion about the threat models - there are a couple of
chaining modes, each with different weaknesses.
FWIW it may also matter if data_checksums are enabled, because that may
prevent malleability attacks affecting of the modes. Assuming active
attacker (with the ability to modify the data files) is part of the
threat model, of course.
regards
--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
