Re: Encryption in pg_dump - Mailing list pgsql-admin
| From | Stephen Frost |
|---|---|
| Subject | Re: Encryption in pg_dump |
| Date | |
| Msg-id | 20200723145604.GS12375@tamriel.snowman.net Whole thread Raw |
| In response to | Re: Encryption in pg_dump (Ron <ronljohnsonjr@gmail.com>) |
| Responses |
Re: Encryption in pg_dump
(Scott Ribe <scott_ribe@elevated-dev.com>)
|
| List | pgsql-admin |
Greetings, * Ron (ronljohnsonjr@gmail.com) wrote: > On 7/23/20 4:05 AM, Paul Förster wrote: > >>On 23. Jul, 2020, at 10:27, Tal Glo <glozmantal@gmail.com> wrote: > >>There is a way to implement full homomorphic encryption (FHE) with Postgres. > >ok. > > > >>I've used a relatively old version (2.3.1) of Microsoft's SEAL library in my University project for that. > >I don't know about Windows but I assume, Linux would be similar? > > > >>2. Handling queries related to FHE encrypted attributes on the server side requires an implementation of own C languagefunctions. > >we don't do that. Also, we have third party applications. In case they need to be modified, this is impossible. > > That was my first thought, too. We mostly run 3rd party applications, with > very little home-grown. TDE (transparent data encryption) is the only > reasonable work-around. TDE and pg_dump are pretty different things. Encryption of backups certainly makes sense (though pg_dump is really an export and not a backup...) when they're being shipped off to somewhere else. Of course, you can do that with gpg or similar for pg_dump, though I wouldn't be against adding support directly. Ideally, we'd do that in a way that leverages the code we already have for encryption, but to do that would require moving more code into the common lib. As for TDE, I agree that it's that same problem that using it means that, while the data is encrypted on the disk, the key is available in memory, and therefore the attack vectors that it actually helps with are pretty few... If the concern is an online compromise of the system, then the attacker will have the encrypted data and the key, so TDE isn't helpful in that case. If the attack vector is an offline data-at-rest attack, then encryption lower down the stack (either filesystem encryption with fscrypto, or block-level encryption) can be used to address it. Filesystem or block-level encryption also addresses the attack vector of "the attacker broke into our SAN", at least if the keys aren't ever stored anywhere on the SAN. > >>It's not always a good Idea to say that something cannot be done or that some one needs to be replaced. Sometimes it'sworth to develop some new process, based on a mixture of available technologies out there. > >right, but only if it makes sense. To put a wallet in the file system and its key right next to it does not make sensebut only serves to make IT heads and security "gurus" go quiet. In these cases, only replacing them by competent oneshelps. > > Which is as unlikely as getting all 3rd party vendors to implement > application-level encryption. That is a bit unfortuante. I do like the idea that some have had of adding options into the library (eg: libpq) to support client side encryption of the data before it's sent to the database server, to address this. That makes the encryption happen as early on as possible (at least, for us) while ideally making it work with 3rd party applications- the issue here is that for such things to work you can't actually encrypt *everything* otherwise indexes and such aren't any good, so you have to have enough knowledge to be able to define what should and shouldn't be encrypted, etc... Thanks, Stephen
Attachment
pgsql-admin by date: