On Tue, Jul 3, 2018 at 5:37 PM Moon, Insung <moon_insung...@lab.ntt.co.jp> wrote:
> Dear Tom Lane. > > > -----Original Message----- > > From: Tom Lane [mailto:t...@sss.pgh.pa.us] > > Sent: Monday, June 18, 2018 11:52 PM > > To: Robert Haas > > Cc: Joe Conway; Masahiko Sawada; Moon, Insung; PostgreSQL-development > > Subject: Re: [Proposal] Table-level Transparent Data Encryption (TDE) > and Key Management Service (KMS) > > > > Robert Haas <robertmh...@gmail.com> writes: > > > On Mon, Jun 18, 2018 at 10:12 AM, Joe Conway <m...@joeconway.com> > wrote: > > >> Not necessarily. Our pages probably have enough predictable bytes to > > >> aid cryptanalysis, compared to user data in a column which might not > > >> be very predicable. > > > > > Really? I would guess that the amount of entropy in a page is WAY > > > higher than in an individual column value. > > > > Depending on the specifics of the encryption scheme, having some amount > of known (or guessable) plaintext may allow breaking > > the cipher, even if much of the plaintext is not known. This is > cryptology 101, really. > > > > At the same time, having to have a bunch of independently-decipherable > short field values is not real secure either, especially > > if they're known to all be encrypted with the same key. But what you > know or can guess about the plaintext in such cases > > would be target-specific, rather than an attack that could be built once > and used against any PG database. > > Yes. If there is known to guessable data of encrypted data, maybe there is > a possibility of decrypting the encrypted data. > > But would it be safe to use an additional encryption mode such as GCM or > XFS to solve this problem? > (Do not use the same IV) > > Thank you and Best regards. > Moon. > > > > > > regards, tom lane > > > > > Hi Moon, Have you done progress on that patch? I am thinking to work on the project and found that you are already working on it. The last message is almost six months old. I want to check with you that are you still working on that, if yes I can help on that by reviewing the patch etc. If you are not working on that anymore, can you share your done work (if possible)? -- Ibrar Ahmed