Dear Tomas Vondra. > -----Original Message----- > From: Tomas Vondra [mailto:tomas.von...@2ndquadrant.com] > Sent: Wednesday, June 13, 2018 10:15 PM > To: Moon, Insung; pgsql-hack...@postgresql.org > Subject: Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key > Management Service (KMS) > > Hi, > > On 05/25/2018 01:41 PM, Moon, Insung wrote: > > Hello Hackers, > > > > ... > > > > BTW, I want to support CBC mode encryption[3]. However, I'm not sure > > how to use the IV in CBC mode for this proposal. I'd like to hear > > opinions by security engineer. > > > > I'm not a cryptographer either, but this is exactly where you need a prior > discussion about the threat models - there > are a couple of chaining modes, each with different weaknesses. >
Thank you for your advice. First, I'm researched to more security problem and found that CBC mode is an not safe encryption mode. Later, when I'll create a PoC, using to GCM or XTS encryption mode. And this time I know for using the same IV is dangerous, and I'm doing some more research on this. Thank you and Best regards. Moon. > FWIW it may also matter if data_checksums are enabled, because that may > prevent malleability attacks affecting of the > modes. Assuming active attacker (with the ability to modify the data files) > is part of the threat model, of course. > > regards > > -- > Tomas Vondra http://www.2ndQuadrant.com > PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
