Re: storing an explicit nonce

Поиск
Список
Период
Сортировка
От Ants Aasma
Тема Re: storing an explicit nonce
Дата
Msg-id CANwKhkPXb3K1FgCicz92P6xTme6sq_EJUq1rM5Mz8YdhbuJwfA@mail.gmail.com
обсуждение исходный текст
Ответ на Re: storing an explicit nonce  (Stephen Frost <sfrost@snowman.net>)
Ответы Re: storing an explicit nonce  (Bruce Momjian <bruce@momjian.us>)
Список pgsql-hackers
Дерево обсуждения
On Thu, 7 Oct 2021 at 21:52, Stephen Frost <sfrost@snowman.net> wrote:
With XTS this isn't actually the case though, is it..?  Part of the
point of XTS is that the last block doesn't have to be a full 16 bytes.
What you're saying is true for XEX, but that's also why XEX isn't used
for FDE in a lot of cases, because disk sectors aren't typically
divisible by 16.

https://en.wikipedia.org/wiki/Disk_encryption_theory

Assuming that's correct, and I don't see any reason to doubt it, then
perhaps it would make sense to have the LSN be unencrypted and include
it in the tweak as that would limit the risk from re-use of the same
tweak over time.

Right, my thought was to leave the first 8 bytes of pages, the LSN, unencrypted and include the value in the tweak. Just tested that OpenSSL aes-256-xts handles non multiple-of-16 messages just fine.

-- 
Ants Aasma
Senior Database Engineer
www.cybertec-postgresql.com

В списке pgsql-hackers по дате отправления:

Предыдущее
От: "Bossart, Nathan"
Дата:
Сообщение: Re: should we allow users with a predefined role to access pg_backend_memory_contexts view and pg_log_backend_memory_contexts function?
Следующее
От: Robert Haas
Дата:
Сообщение: Re: storing an explicit nonce