Home > mailing lists

Re: [ADMIN] Secure DB Systems - How to - Mailing list pgsql-php

From	Daniel Struck
Subject	Re: [ADMIN] Secure DB Systems - How to
Date	July 29, 2004 09:13:13
Msg-id	20040729111608.0ef34e4b@gentoo Whole thread Raw
In response to	Re: [ADMIN] Secure DB Systems - How to (Greg Stark <gsstark@mit.edu>)
List	pgsql-php

Tree view

> If searching for exact matches works then you're using a naive encryption
> system. The problem is that it also means your database is vulnerable to
> dictionary attacks. Good encryption systems will include random padding to
> ensure that you can't attack it by merely guessing many possible plaintexts
> and verifying to see if any match.

To prevent this, I use in my implementation for every encrypted value a corresponding IV to prevent that the same value
willgive the same crypted text. 

This is a reason, why I must do pattern searches in postgresql itself, because I do need to include the IV-column in
thesql statement. 


Daniel


--
Retrovirology Laboratory Luxembourg
Centre Hospitalier de Luxembourg
4, rue E. Barblé
L-1210 Luxembourg

phone: +352-44116105
fax:   +352-44116113
web: http://www.retrovirology.lu
e-mail: struck.d@retrovirology.lu

pgsql-php by date:

From: azah azah
Date: 29 July 2004, 07:58:46
Subject: Re: default timestamp in postresql

From: azah azah
Date: 29 July 2004, 09:46:01
Subject: inet_aton in mysql, how to convert it to postresql?

Re: [ADMIN] Secure DB Systems - How to - Mailing list pgsql-php

Previous

Next