Greetings, * Ryan Lambert (r...@rustprooflabs.com) wrote: > > what is it that gets stored in the page for > > decryption use, the nonce or the IV derived from it? > > I believe storing the IV is preferable and still secure per [1]: "The IV > need not be secret" > > Beyond needing the database oid, if every decrypt function has to > regenerate the IV from the nonce that will affect performance. I don't > know how expensive the forward hash is but it won't be free.
Compared to the syscall and possible disk i/o required, I'm not sure that's something we really need to try to optimize for, particularly if we could store something more generally useful (like the LSN) in that little bit of space that's available in each page. Thanks, Stephen
signature.asc
Description: PGP signature
