Home > mailing lists

Re: Database Encryption (now required by law in Italy) - Mailing list pgsql-admin

From	Joe Conway
Subject	Re: Database Encryption (now required by law in Italy)
Date	March 8, 2004 16:31:41
Msg-id	404CAD5D.6010503@joeconway.com Whole thread Raw
In response to	Re: Database Encryption (now required by law in Italy) (Silvana Di Martino <silvanadimartino@tin.it>)
Responses	Re: Database Encryption (now required by law in Italy) (Silvana Di Martino <silvanadimartino@tin.it>)
List	pgsql-admin

Tree view

Silvana Di Martino wrote:
> Oracle has a built-in feature for encrypting/decrypting this password's
> password.

Right, and this master password is only protected because Oracle is
closed source. It is not possible to do the same thing with Postgres
because you could find the master key (or the algorithm to produce it)
in the source code.

However this amounts to "security by obscurity", and anyone serious
about encryption will tell you it is insufficient. There is no way to
have cryptographically sound protection of your data using a key
embedded in the software like that.

Joe

pgsql-admin by date:

From:
Date: 08 March 2004, 16:13:19
Subject: Re: Database Encryption (now required by law in Italy)

From: Bruce Momjian
Date: 08 March 2004, 18:19:31
Subject: Re: Article on DB encryption

Re: Database Encryption (now required by law in Italy) - Mailing list pgsql-admin

Previous

Next