On Fri, Oct 04, 2019 at 04:58:14PM -0400, Bruce Momjian wrote:
On Fri, Oct 4, 2019 at 10:46:57PM +0200, Tomas Vondra wrote:
Oracle also has a handy "TDE best practices" document [2], which says
when to use column-level encryption - let me quote a couple of points:
* Location of sensitive information is known
* Less than 5% of all application columns are encryption candidates
* Encryption candidates are not foreign-key columns
* Indexes over encryption candidates are normal B-tree indexes (this
also means no support for indexes on expressions, and likely partial
indexes)
* No support from hardware crypto acceleration.
Aren't all modern systems going to have hardware crypto acceleration,
i.e., AES-NI CPU extensions. Does that mean there is no value of
partial encryption on such systems? Looking at the overhead numbers I
have seen for AES-NI-enabled systems, I believe it.
That's a good question, I don't know the answer. You're right most
systems have CPUs with AES-NI these days, and I'm not sure why the
column encryption does not leverage that.
Maybe it's because column encryption has to encrypt/decrypt much smaller
chunks of data, and AES-NI is not efficient for that? I don't know.
regards
--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
