On Wed, Jul 10, 2019 at 02:57:54PM -0400, Stephen Frost wrote: > Greetings, > > * Ryan Lambert (r...@rustprooflabs.com) wrote: > > > I didn't either, except it was referenced above as "forward hash". I > > > don't know why that was suggested, which is why I listed it as an > > > option/suggestion. > > > > My bad, sorry for the confusion! I meant to say "cipher" not "hash". I > > was (trying to) refer to the method of generating unpredictable IV from > > nonces using the forward cipher function and the encryption key. > > Too many closely related words with very specific meanings. > > No worries, just want to try and be clear on these things.. Too easy to > mistakenly think that doing this very-similar-thing will be as secure as > doing the recommended-thing (particularly when the recommended-thing is > a lot harder...), and we don't want to end up doing that and then > discovering it isn't actually secure..
Good, so I think we all now agree we have to put the nonce (pg_class.oid, LSN, page-number) though the cipher using the secret. I think Stephen is right that the overhead of this will be minimal for 8k page writes, and for WAL, we only need to generate the IV when we start a new 16MB segment, so again, minimal overhead. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +