Database Reference
In-Depth Information
How it works...
What we have done here is:
- hidden the keys from non-superuser database users
- provided wrappers for authorized users to still use the encryption and decryption
  functionality
To ensure that your sensitive data is not stolen while in transit between the client and the
database, make sure you connect to the PostgreSQL server using an SSL-encrypted connection,
or connect from localhost.
You also have to trust your server administrators and other users with superuser privileges
to be sure your encrypted data is safe.
There's more...
For really sensitive data
For some data, you don't want to risk having the decryption password on the same machine
as the encrypted data.
In those cases, you can use public/private key cryptography and do only the encryption
part on the database server. This means that only the encryption key is on
the database host, and not the key needed for decryption. Alternatively, you can deploy a
separate, extra secure encryption server in your server infrastructure that provides just the
encrypting/decrypting functionality as a remote call.
For really, really, really sensitive data
For even more sensitive data, you may never want the data to leave the client computer
unencrypted. Hence, you need to encrypt the data before sending it to the database. In that
case, PostgreSQL receives already encrypted data, and never sees the unencrypted version.
This also means that the only useful indexes you can have are for use in
"WHERE encrypted_column = encrypted_data" and for ensuring uniqueness. Even the "WHERE ="
can be used only if the encryption algorithm always produces the same ciphertext for the
same plaintext, which weakens the strength of encryption.
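The trade-off described above, as an added example that is not from the original text: a Python client encrypts values before they reach the database, once deterministically and once with a random IV, and only the deterministic column supports the equality lookup and the uniqueness constraint. The in-memory sqlite3 table stands in for PostgreSQL, the HMAC-SHA256 keystream stands in for a vetted library cipher (it has no integrity check), and all function, table and column names and sample values are assumptions constructed for the illustration.

```python
import hashlib, hmac, os, sqlite3

def _keystream(key, iv, n):
    # Stand-in stream cipher for this example: HMAC-SHA256 in counter mode.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(enc_key, iv_key, plaintext, deterministic):
    # Deterministic: IV derived from the plaintext, so equal plaintexts give
    # equal ciphertexts. Randomized: fresh IV, so every ciphertext differs.
    if deterministic:
        iv = hmac.new(iv_key, plaintext, hashlib.sha256).digest()[:16]
    else:
        iv = os.urandom(16)
    stream = _keystream(enc_key, iv, len(plaintext))
    return iv + bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(enc_key, blob):
    iv, body = blob[:16], blob[16:]
    return bytes(c ^ s for c, s in zip(body, _keystream(enc_key, iv, len(body))))

def demo():
    enc_key, iv_key = os.urandom(32), os.urandom(32)  # keys never leave the client
    enc = lambda value, det: encrypt(enc_key, iv_key, value, det)
    db = sqlite3.connect(":memory:")  # stand-in for the PostgreSQL table
    db.execute("CREATE TABLE users (email_det BLOB UNIQUE, email_rnd BLOB)")
    for email in (b"alice@example.com", b"bob@example.com"):  # constructed data
        db.execute("INSERT INTO users VALUES (?, ?)", (enc(email, True), enc(email, False)))
    probe = b"alice@example.com"
    # Equality lookup: the client re-encrypts the search value and compares ciphertexts.
    det_row = db.execute("SELECT email_det FROM users WHERE email_det = ?",
                         (enc(probe, True),)).fetchone()
    rnd_row = db.execute("SELECT email_rnd FROM users WHERE email_rnd = ?",
                         (enc(probe, False),)).fetchone()
    try:  # Uniqueness is enforceable only on the deterministic column.
        db.execute("INSERT INTO users VALUES (?, ?)", (enc(probe, True), enc(probe, False)))
        duplicate_rejected = False
    except sqlite3.IntegrityError:
        duplicate_rejected = True
    return decrypt(enc_key, det_row[0]), rnd_row, duplicate_rejected

if __name__ == "__main__":
    print(demo())
```

The same property that makes the lookup work also lets anyone who can read the table see which rows hold equal values, which is the weakening the paragraph refers to.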
Two versions of pgcrypto
pgcrypto is usually compiled to use the OpenSSL library (http://www.openssl.org). If for some
reason you don't have OpenSSL or just don't want to use it, it is possible to compile a version of
pgcrypto without it, with a smaller number of supported encryption algorithms and slightly
reduced performance.
 