On Fri, Nov 3, 2023 at 9:53 PM Andres Freund <andres@anarazel.de> wrote:
On 2023-11-02 19:32:28 -0700, Andres Freund wrote: > > From 327e86d52be1df8de9c3a324cb06b85ba5db9604 Mon Sep 17 00:00:00 2001 > > From: David Christensen <david@pgguru.net> > > Date: Fri, 29 Sep 2023 15:16:00 -0400 > > Subject: [PATCH v3 5/5] Add encrypted/authenticated WAL > > > > When using an encrypted cluster, we need to ensure that the WAL is also > > encrypted. While we could go with an page-based approach, we use instead a > > per-record approach, using GCM for the encryption method and storing the AuthTag > > in the xl_crc field.
What was the reason for this decision?
This was mainly to prevent IV reuse by using a per-record encryption rather than per-page, since partial writes out on the WAL buffer would result in reuse there. This was somewhat of an experiment since authenticated data per record was basically equivalent in function to the CRC.
There was a switch here so normal clusters use the crc field with the existing CRC implementation, only encrypted clusters use this alternate approach.