Home > mailing lists

Re: [ADMIN] Secure DB Systems - How to - Mailing list pgsql-php

From	Greg Stark
Subject	Re: [ADMIN] Secure DB Systems - How to
Date	July 28, 2004 20:16:37
Msg-id	87brhzsx9x.fsf@stark.xeocode.com Whole thread Raw
In response to	Re: [ADMIN] Secure DB Systems - How to (Bruno Wolff III <bruno@wolff.to>)
Responses	Re: [ADMIN] Secure DB Systems - How to Re: [ADMIN] Secure DB Systems - How to
List	pgsql-php

Tree view

Bruno Wolff III <bruno@wolff.to> writes:

> That depends on the kind of queries. Searching for exact matches should work
> fine. Some other things can be done in special cases.

If searching for exact matches works then you're using a naive encryption
system. The problem is that it also means your database is vulnerable to
dictionary attacks. Good encryption systems will include random padding to
ensure that you can't attack it by merely guessing many possible plaintexts
and verifying to see if any match.

--
greg

pgsql-php by date:

From: Lynna Landstreet
Date: 28 July 2004, 19:52:46
Subject: Re: Strange warning message

From: "Chris"
Date: 28 July 2004, 23:55:56
Subject: Re: Strange warning message

Re: [ADMIN] Secure DB Systems - How to - Mailing list pgsql-php

Previous

Next