Bruce,

* Bruce Momjian (br...@momjian.us) wrote:
> On Tue, Jun 13, 2017 at 01:01:32PM -0400, Stephen Frost wrote:
> > > Well, usually the symmetric key is stored using RSA and a symmetric
> > > cipher is used to encrypt/decrypt the data. I was thinking of a case
> > > where you encrypt a row using a symmetric key, then store RSA-encrypted
> > > versions of the symmetric key encrypted that only specific users could
> > > decrypt and get the key to decrypt the data.
> >
> > This goes back to key management and I agree that it often makes sense
> > to use RSA or similar to encrypt the symmetric key, and this approach
> > would allow the user to do so. That doesn't actually give you a
> > "write-only" encryption option though, since any user who can decrypt
> > the symmetric key is able to use the symmetric key for both encryption
> > and decryption, and someone who only has access to the RSA encryption
> > key can't actually encrypt the data since they can't access the
> > symmetric key.
>
> I think the big win of Postgres doing the encryption is that the
> user-visible file system is no longer a target (assuming OS permissions
> are bypassed), while for file system encryption it is the storage device
> that is encrypted.
If OS permissions are bypassed then the encryption isn't going to help
because the attacker can just access shared memory.

The big wins for doing the encryption in PostgreSQL are, as Robert and I
have both mentioned on this thread already, that it provides data-at-rest
encryption in an easier to deploy fashion which will work the same across
different systems and allows the encrypted cluster to be transferred more
easily between systems. There are almost certainly other wins from having
PG do the encryption, but the above strikes me as the big ones, and those
are certainly valuable enough on their own for us to seriously consider
adding this capability.

> My big question is how many times are the OS permissions bypassed in a
> way that would also not expose the db cluster's key or db data?

This is not the attack vector that this solution is attempting to
address, so there really isn't much point in discussing it on this
thread.

Thanks!

Stephen
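The per-row scheme Bruce describes, and the reason Stephen gives for it not being "write-only", as an added Go example that is not code from this thread or from PostgreSQL. It assumes AES-256-GCM for the row body and RSA-OAEP with SHA-256 for the per-reader wrapped copies of the data key; the function names are mine. Whoever unwraps the data key can call both OpenRow and SealRow, while a reader holding only an RSA public key can add a wrapped copy but can neither read nor write the row.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

func gcmFor(dataKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(dataKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealRow encrypts one row body under the symmetric data key. Anyone holding
// the data key can do this, which is why the scheme is not "write-only".
func SealRow(dataKey, plain []byte) (nonce, ct []byte, err error) {
	gcm, err := gcmFor(dataKey)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, plain, nil), nil
}

// OpenRow decrypts a row body with the same data key.
func OpenRow(dataKey, nonce, ct []byte) ([]byte, error) {
	gcm, err := gcmFor(dataKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, ct, nil)
}

// WrapKey makes the RSA-OAEP copy of the data key stored for one reader;
// the public key alone never recovers dataKey from that copy.
func WrapKey(dataKey []byte, pub *rsa.PublicKey) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, nil)
}

// UnwrapKey recovers the data key with the reader's RSA private key.
func UnwrapKey(wrapped []byte, priv *rsa.PrivateKey) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}
```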