Re: storing an explicit nonce - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: storing an explicit nonce
Date
Msg-id 20210525235505.GR20766@tamriel.snowman.net
Whole thread Raw
In response to Re: storing an explicit nonce  (Andres Freund <andres@anarazel.de>)
List pgsql-hackers
Greetings,

* Andres Freund (andres@anarazel.de) wrote:
> On 2021-05-25 16:34:10 -0400, Stephen Frost wrote:
> > The nonce does need to be absolutely unique for a given encryption key and
> > therefore needs to be global in some form.
>
> You can achieve that without a global counter though, by prepending a
> per-relation nonce with some local counter.
>
> I'm doubtful it's worth it though - compared to all the other costs, one
> shared atomic increment is pretty OK price to pay I think.

Yes, I tend to agree.

Thanks,

Stephen

Attachment

pgsql-hackers by date:

Previous
From: Stephen Frost
Date:
Subject: Re: storing an explicit nonce
Next
From: Andres Freund
Date:
Subject: Re: storing an explicit nonce