Home > mailing lists

Re: Transparent column encryption - Mailing list pgsql-hackers

From	Greg Stark
Subject	Re: Transparent column encryption
Date	December 16, 2021 07:47:39
Msg-id	CAM-w4HPmmOvLDXEAT8x-SCMz7FTn5BXn_oKU5itXGOMeq-z13A@mail.gmail.com Whole thread Raw
In response to	Transparent column encryption (Peter Eisentraut <peter.eisentraut@enterprisedb.com>)
Responses	Re: Transparent column encryption (Peter Eisentraut <peter.eisentraut@enterprisedb.com>)
List	pgsql-hackers

Tree view

> In the server, the encrypted datums are stored in types called
> encryptedr and encryptedd (for randomized and deterministic
> encryption).  These are essentially cousins of bytea.

Does that mean someone could go in with psql and select out the data
without any keys and just get a raw bytea-like representation? That
seems like a natural and useful thing to be able to do. For example to
allow dumping a table and loading it elsewhere and transferring keys
through some other channel (perhaps only as needed).

pgsql-hackers by date:

From: Greg Stark
Date: 16 December 2021, 07:23:12
Subject: Re: [PATCH] Document heuristics for parameterized paths

From: Tom Lane
Date: 16 December 2021, 07:55:41
Subject: Re: pg_dump versus ancient server versions

Re: Transparent column encryption - Mailing list pgsql-hackers

Previous

Next