Re: storing an explicit nonce - Mailing list pgsql-hackers

From Ants Aasma
Subject Re: storing an explicit nonce
Date
Msg-id CANwKhkM+sRgtxB4E9ssdujnBdLL_6_Z_V-+Gg9bGDyNq7X8zPQ@mail.gmail.com
In response to Re: storing an explicit nonce  (Bruce Momjian <bruce@momjian.us>)
Responses Re: storing an explicit nonce  (Stephen Frost <sfrost@snowman.net>)
Re: storing an explicit nonce  (Bruce Momjian <bruce@momjian.us>)
List pgsql-hackers

On Wed, 13 Oct 2021 at 00:25, Bruce Momjian <bruce@momjian.us> wrote:
> On Tue, Oct 12, 2021 at 11:21:28PM +0300, Ants Aasma wrote:
> > On Tue, 12 Oct 2021 at 16:14, Bruce Momjian <bruce@momjian.us> wrote:
> >
> >     Well, how do you detect an all-zero page vs a page that encrypted to all
> >     zeros?
> >
> > Page encrypting to all zeros is for all practical purposes impossible to hit.
> > Basically an attacker would have to be able to arbitrarily set the whole
> > contents of the page and they would then achieve that this page gets ignored.
>
> Uh, how do we know that valid data can't produce an encrypted all-zero
> page?

Because the chances of that happening by accident are equivalent to making a series of commits to postgres and ending up with the same git commit hash 400 times in a row.
 
--
Ants Aasma
Senior Database Engineer
www.cybertec-postgresql.com
