Thanks you Guys, These are very helpful pointers. I will go away and see how much depth I do need.
Regards Vikas S. On Tue, 3 Aug 2021 at 14:36, Joe Conway <m...@joeconway.com> wrote: > On 8/3/21 8:43 AM, Luca Ferrari wrote: > > On Tue, Aug 3, 2021 at 1:03 PM Vikas Sharma <shavi...@gmail.com> wrote: > >> My question is, can I use the gpg public/secret key instead of the > 'Secret password' in above PGP_Sym_encrypt/decrypt? I can create a wrapper > function to read the public/secret keys to hide it from appearing as clear > text. > > > > I think you are looking for something like: > > > > pgp_pub_encrypt( clear_text, > > dearmor( '-----BEGIN PGP PUBLIC KEY BLOCK----- > > ... > > -----END PGP PUBLIC KEY BLOCK-----' ) ); > > > > > >> > >> still researching how to encrypt a column with sensitive data as a best > practice to use in OLTP production with minimal impact on performance. > > > > Clearly, as you add more stuff to do, performances will be lower. I > > strongly recommend you to analyze if column encryption is really what > > you need for your purposes, because in my little experience it is > > often too much work with regard to other approaches (e.g., disk and > > backup encryption). > > Generally agreed. This topic is vast and complex and probably beyond > what most people want to discuss by typing (at least for me) ;-) > > That said, you might find this extension written by Bruce Momjian useful: > > https://momjian.us/download/pgcryptokey/ > > HTH, > > Joe > -- > Crunchy Data - http://crunchydata.com > PostgreSQL Support for Secure Enterprises > Consulting, Training, & Open Source Development >
