On 10/18/21 04:19, Sasasu wrote:
Just a mention. the HMAC (or AE/AD) can be disabled in AES-GCM. HMAC in
AES-GCM is an encrypt-then-hash MAC.
CRC-32 is not a crypto-safe hash (technically CRC-32 is not a hash
function). Cryptographers may unhappy with CRC-32.
True. If you can flip enough bits in the page, it probably is not very
hard to generate a page with the desired checksum. It's probably harder
with XTS, but likely not much more.
I think CRC or SHA is not such important. If IV can be stored, I believe
there should have enough space to store HMAC.
Right, I agree.
regards
--
Tomas Vondra
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
