Re: [ADMIN] Secure DB Systems - How to

Поиск
Список
Период
Сортировка
От Greg Stark
Тема Re: [ADMIN] Secure DB Systems - How to
Дата
Msg-id 87brhzsx9x.fsf@stark.xeocode.com
обсуждение исходный текст
Ответ на Re: [ADMIN] Secure DB Systems - How to  (Bruno Wolff III <bruno@wolff.to>)
Ответы Re: [ADMIN] Secure DB Systems - How to  (Daniel Struck <struck.d@retrovirology.lu>)
Re: [ADMIN] Secure DB Systems - How to  (Bruno Wolff III <bruno@wolff.to>)
Список pgsql-php
Дерево обсуждения 
Bruno Wolff III <bruno@wolff.to> writes:

> That depends on the kind of queries. Searching for exact matches should work
> fine. Some other things can be done in special cases.

If searching for exact matches works then you're using a naive encryption
system. The problem is that it also means your database is vulnerable to
dictionary attacks. Good encryption systems will include random padding to
ensure that you can't attack it by merely guessing many possible plaintexts
and verifying to see if any match.

--
greg

В списке pgsql-php по дате отправления:

Предыдущее
От: Lynna Landstreet
Дата:
Сообщение: Re: Strange warning message
Следующее
От: "Chris"
Дата:
Сообщение: Re: Strange warning message