Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) - Mailing list pgsql-hackers
| From | Bruce Momjian |
|---|---|
| Subject | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) |
| Date | |
| Msg-id | 20190824002721.GA30973@momjian.us Whole thread Raw |
| In response to | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) (Stephen Frost <sfrost@snowman.net>) |
| Responses |
Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS)
Re: [Proposal] Table-level Transparent Data Encryption (TDE) and KeyManagement Service (KMS) |
| List | pgsql-hackers |
On Fri, Aug 23, 2019 at 10:35:17AM -0400, Stephen Frost wrote: > > Agreed. The features of other databases are a clear source for what we > > should consider and run through the useful/reasonable filter. > > Following on from that- when other databases don't have something that > we're thinking about implementing, maybe we should be contemplating if > it really makes sense as a requirement for us. Yes, that's a good point. > Specifically in this case- I went back and tried to figure out what > other database systems have an "encrypt EVERYTHING" option. I didn't > have much luck finding one though. So I think we need to ask ourselves- > the "check box" that we're trying to check off with TDE, do the other > database system check that box? If so, then it looks like the "check > box" isn't actually "encrypt EVERYTHING", it's more along the lines of > "make sure all regular user data is encrypted automatically" or some > such, and that's a very different requirement, which seems to be > answered by the other systems by having a KMS + tablespace/database > level encryption. We certainly shouldn't be putting a lot of effort > into building something that is either overkill or won't be interesting > to users due to limitations like "have to take the entire cluster > offline to re-key it". Well, I think they might do that to reduce encryption overhead. I think tests have shown that is not an issue, but we will need to test further. I am not sure of the downside of encrypting everything, since it leaks the least information and has a minimal user API and code impact. What is the value of encrypting only the user rows? Better key control? > Now, that KMS has to be encrypted using a master key, of course, and we > have to make sure that it is able to survive across a crash, and it'd > sure be nice if it was indexed. One option for such a KMS would be > something entirely external (which could potentially just be another PG > database or something) but it'd be nice if we had something built-in. > We might also want it to be replicated (or maybe we don't, as was > discussed on the call, to allow for a replica to use an independent set > of keys- of course that leads to issues with pg_rewind and such though). I think the replica could use a different key for the relations, but the WAL key would have to be the same. > Anything built-in does seem like it'd be a fair bit of work to get it to > address those requirements, but that does seem to be what the other > database systems have done. Unfortunately, their documentation doesn't > seem to really say exactly what they've done to address that. I do like they pgcrypto key support to be per-database so pg_dump will dump the data encrypted, and with its locked keys. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
pgsql-hackers by date: