Re: storing an explicit nonce
| От | Ants Aasma |
|---|---|
| Тема | Re: storing an explicit nonce |
| Дата | |
| Msg-id | CANwKhkM+sRgtxB4E9ssdujnBdLL_6_Z_V-+Gg9bGDyNq7X8zPQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: storing an explicit nonce (Bruce Momjian <bruce@momjian.us>) |
| Ответы |
Re: storing an explicit nonce
Re: storing an explicit nonce |
| Список | pgsql-hackers |
On Wed, 13 Oct 2021 at 00:25, Bruce Momjian <bruce@momjian.us> wrote:
On Tue, Oct 12, 2021 at 11:21:28PM +0300, Ants Aasma wrote:
> On Tue, 12 Oct 2021 at 16:14, Bruce Momjian <bruce@momjian.us> wrote:
>
> Well, how do you detect an all-zero page vs a page that encrypted to all
> zeros?
>
> Page encrypting to all zeros is for all practical purposes impossible to hit.
> Basically an attacker would have to be able to arbitrarily set the whole
> contents of the page and they would then achieve that this page gets ignored.
Uh, how do we know that valid data can't produce an encrypted all-zero
page?
Because the chances of that happening by accident are equivalent to making a series of commits to postgres and ending up with the same git commit hash 400 times in a row.
--
Ants Aasma Senior Database Engineer www.cybertec-postgresql.com
В списке pgsql-hackers по дате отправления: