Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oSzpb-0001en-6D for pgsql-hackers@arkaria.postgresql.org; Tue, 30 Aug 2022 11:54:59 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1oSzoc-0001ai-1l for pgsql-hackers@arkaria.postgresql.org; Tue, 30 Aug 2022 11:53:58 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oSzob-0001aZ-OO for pgsql-hackers@lists.postgresql.org; Tue, 30 Aug 2022 11:53:57 +0000 Received: from wout2-smtp.messagingengine.com ([64.147.123.25]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oSzoZ-0001It-0l for pgsql-hackers@postgresql.org; Tue, 30 Aug 2022 11:53:56 +0000 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id F1B223200907; Tue, 30 Aug 2022 07:53:51 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Tue, 30 Aug 2022 07:53:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1661860431; x= 1661946831; bh=rpdko4RDGF9qePoxRvvQ44mNq2aqdLO6htLUb0APHUg=; b=x UyFoaJpCz0L2xB2i1WPEIwu8ItzfxBOLIax50t4vXr2o2ay16yM4S4iuEaS0xLHq Fmbbp1OvgSnPwVzxDeLLLp5ThQnT0WJ6aSXjTD3ktcw7Z24lMoeZdN71+LqdjwEL oV7AQDYkZYGHXDJR1un1rlxKKOVx5+OVKweRn68G5tP3neJXYhChYiTAFa1CSuHw Qgw/2h2YdbecU5QsB75vV5MOazDxwFgDuC9++58IK7/bO+1atFmk6oBZeiyGeCSI 15AcVUW0ngHKoX6osDX8d0NS8/GTWPJODdx47fvGGen9dmPe1ntzGvh7a8C5rDgU 1tobKjrEGVjy89YWOwIaw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdekfedggeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepkfffgggfuffvvehfhfgjtgfgsehtjeertddtfeejnecuhfhrohhmpefrvght vghrucfgihhsvghnthhrrghuthcuoehpvghtvghrrdgvihhsvghnthhrrghuthesvghnth gvrhhprhhishgvuggsrdgtohhmqeenucggtffrrghtthgvrhhnpeehleffgeegudejteei hfelteduvdeifffhffdvjedvffegjeekudeludehudeifeenucevlhhushhtvghrufhiii gvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpvghtvghrrdgvihhsvghnthhrrghu thesvghnthgvrhhprhhishgvuggsrdgtohhm X-ME-Proxy: Feedback-ID: i131946ab:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 30 Aug 2022 07:53:50 -0400 (EDT) Message-ID: Date: Tue, 30 Aug 2022 13:53:49 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: Transparent column encryption Content-Language: en-US To: Jacob Champion , Robert Haas Cc: pgsql-hackers References: <89157929-c2b6-817b-6025-8e4b2d89d88f@enterprisedb.com> <48a9f2c2-4a57-27d8-7c53-16a23a01014e@enterprisedb.com> <79f08a39-a7da-5157-cef4-378fb60c18f8@enterprisedb.com> <258c5064-437e-f41e-7537-5e8c343c33cc@enterprisedb.com> <9e664928-95ce-4da5-5fd1-6dad3f68c5b5@timescale.com> From: Peter Eisentraut In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 27.07.22 01:19, Jacob Champion wrote: >> Now, if we don't have a padding system >> built into the feature, then that does put even more on the user; it's >> hard to argue with that. > Right. If they can even fix it at all. Having a well-documented padding > feature would not only help mitigate that, it would conveniently hang a > big sign on the caveats that exist. I would be interested in learning more about such padding systems. I have done a lot of reading for this development project, and I have never come across a cryptographic approach to hide length differences by padding. Of course, padding to the block cipher's block size is already part of the process, but that is done out of necessity, not because you want to disguise the length. Are there any other methods? I'm interested to learn more.