Re: storing an explicit nonce
From | Robert Haas |
---|---|
Subject | Re: storing an explicit nonce |
Date | |
Msg-id | CA+TgmoYYseXmPrSDJ5HBfgSr1O0cZPAJk2M2GzdVe+KWQZ7PeQ@mail.gmail.com |
In reply to | Re: storing an explicit nonce (Ashwin Agrawal <ashwinstar@gmail.com>) |
Responses | Re: storing an explicit nonce |
List | pgsql-hackers |

On Thu, Oct 7, 2021 at 3:31 PM Ashwin Agrawal <ashwinstar@gmail.com> wrote:

> Not at all knowledgeable on security topics (bravely using terms and recommendation), can we approach decisions like AES-XTS vs AES-GCM (which in turn decides whether we need to store nonce or not) based on which compliance it can achieve or not. Like can using AES-XTS make it FIPS 140-2 compliant or not?

To the best of my knowledge, the encryption mode doesn't have much to do with whether such compliance can be achieved. The encryption algorithm could matter, but I assume everyone still thinks AES is acceptable. (We should assume that will eventually change.) The encryption mode is, at least as I understand, more of an internal thing that you have to get right to avoid having people break your encryption and write papers about how they did it.

--
Robert Haas
EDB: http://www.enterprisedb.com