Re: XTS cipher mode for cluster file encryption - Mailing list pgsql-hackers

From Tomas Vondra
Subject Re: XTS cipher mode for cluster file encryption
Date
Msg-id b15e4a89-955c-7d0f-6821-5ac36f3ef118@enterprisedb.com
In response to Re: XTS cipher mode for cluster file encryption  (Sasasu <i@sasa.su>)
List pgsql-hackers

On 10/18/21 04:19, Sasasu wrote:
> Just a mention: the HMAC (or AE/AD) can be disabled in AES-GCM. HMAC in 
> AES-GCM is an encrypt-then-hash MAC.
> 
> CRC-32 is not a crypto-safe hash (technically CRC-32 is not a hash 
> function). Cryptographers may be unhappy with CRC-32.
> 

True. If you can flip enough bits in the page, it probably is not very 
hard to generate a page with the desired checksum. It's probably harder 
with XTS, but likely not much more.

> I think CRC or SHA is not so important. If the IV can be stored, I believe 
> there should be enough space to store an HMAC.
> 

Right, I agree.


regards

-- 
Tomas Vondra
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
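
An added illustration of the CRC-32 versus HMAC point in the message above (not part of the original email and not PostgreSQL code): it shows that a CRC-32 value changes in a way that depends only on which bits were modified, while a keyed HMAC stored for the original data stops verifying. It assumes `zlib.crc32` as the CRC-32, an 8192-byte page, HMAC-SHA256 as the MAC, and works on unencrypted constructed data, so it says nothing about the XTS case.

```python
import hashlib
import hmac
import os
import zlib

PAGE_SIZE = 8192  # assumed page size for this illustration


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crc_delta(mask: bytes) -> int:
    """Change in CRC-32 caused by XORing `mask` into any equal-length message.

    CRC-32 is affine over GF(2): crc(m ^ mask) = crc(m) ^ crc(mask) ^ crc(zeros).
    """
    return zlib.crc32(mask) ^ zlib.crc32(bytes(len(mask)))


def demo() -> dict:
    page = os.urandom(PAGE_SIZE)          # constructed sample page
    key = os.urandom(32)                  # constructed MAC key
    mask = bytearray(PAGE_SIZE)
    mask[100] = 0x01                      # constructed modification: two flipped bits
    mask[4000] = 0x80
    modified = xor_bytes(page, bytes(mask))

    # Checksum: the new value follows from the old one and the mask alone,
    # with no secret involved.
    predicted = zlib.crc32(page) ^ crc_delta(bytes(mask))

    # Keyed MAC: the tag stored for the original page no longer verifies,
    # and a matching tag cannot be computed without the key.
    stored_tag = hmac.new(key, page, hashlib.sha256).digest()
    new_tag = hmac.new(key, modified, hashlib.sha256).digest()

    return {
        "crc_predicted": predicted,
        "crc_actual": zlib.crc32(modified),
        "hmac_still_valid": hmac.compare_digest(stored_tag, new_tag),
    }


if __name__ == "__main__":
    print(demo())
```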


