Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mlb3F-0000LO-5U for pgsql-hackers@arkaria.postgresql.org; Fri, 12 Nov 2021 18:13:25 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1mlb3D-0005jk-FK for pgsql-hackers@arkaria.postgresql.org; Fri, 12 Nov 2021 18:13:23 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mlb3D-0005jb-5M for pgsql-hackers@lists.postgresql.org; Fri, 12 Nov 2021 18:13:23 +0000 Received: from momjian.us ([72.94.173.45]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mlb36-00055u-PL for pgsql-hackers@postgresql.org; Fri, 12 Nov 2021 18:13:22 +0000 Received: from bruce by momjian.us with local (Exim 4.92) (envelope-from ) id 1mlb2x-00040Q-FI; Fri, 12 Nov 2021 13:13:07 -0500 Date: Fri, 12 Nov 2021 13:13:07 -0500 From: Bruce Momjian To: Stephen Frost Cc: Tomas Vondra , Yura Sokolov , Sasasu , Robert Haas , Andres Freund , PostgreSQL-development Subject: Re: XTS cipher mode for cluster file encryption Message-ID: <20211112181307.GC1948@momjian.us> References: <20211020122407.GW20998@tamriel.snowman.net> <20211021172812.GZ20998@tamriel.snowman.net> <48020c9811b72499aa5c4c4584b34ed33b75d1b0.camel@postgrespro.ru> <20211025161227.GE20998@tamriel.snowman.net> <741fa2d3752cc9ef958bb36c495fe952459eaff2.camel@postgrespro.ru> <20211026194330.GN20998@tamriel.snowman.net> <20211026213930.GA8607@momjian.us> <20211101182436.GW20998@tamriel.snowman.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20211101182436.GW20998@tamriel.snowman.net> User-Agent: Mutt/1.10.1 (2018-07-13) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Mon, Nov 1, 2021 at 02:24:36PM -0400, Stephen Frost wrote: > I can understand the general idea that we should be sure to engineer > this in a way that multiple methods can be used, as surely one day folks > will say that AES128 isn't acceptable any more. In terms of what we'll > do from the start, I would think providing the options of AES128 and > AES256 would be good to ensure that we have the bits covered to support > multiple methods and I don't think that would put us into a situation of > having to really explain which to use to users (we don't for pgcrypto > anyway, as an example). I agree that we shouldn't be looking at adding > in a whole new crypto library for this though, that's a large and > independent effort (see the work on NSS happening nearby). Since it has been two weeks since the last activity on this thread, I have updated the TDE wiki to reflect the conclusions and discussions: https://wiki.postgresql.org/wiki/Transparent_Data_Encryption -- Bruce Momjian https://momjian.us EDB https://enterprisedb.com If only the physical world exists, free will is an illusion.