On 2019-07-05 22:24, Tomas Vondra wrote:
> What if the granular encryption (not the "whole cluster with a single
> key") case does not encrypt whole blocks, but just tuple data? Would
> that allow at least the most critical WAL use cases (recovery, physical
> replication) to work without having to know all the encryption keys?

Finding the exact point where you divide up sensitive and non-sensitive data would be difficult. For example, say, you encrypt the tuple payload but not the tuple header, so that vacuum would still work. Then, someone who has access to the raw data directory could infer, in combination with commit timestamps for example, that on Friday between 5pm and 6pm, 10000 records were updated, 500 were inserted, and 200 were deleted, and that table has about this size, and this happens every Friday, and so on. That seems way too much information to reveal for an allegedly encrypted data directory.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services