Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Storing encrypted data in Postgres [closed]

Tags:

postgresql

encryption

I have a requirement to store certain data in an encrypted form in Postgres. Obviously, I need to encrypt it, store it, and be able to read and decrypt it. What is the best way to do this?

like image 303
Joe Avatar asked Nov 08 '11 17:11

Joe

People also ask

Is Postgres data encrypted at rest?

While there are options such as Crunchy Hardened PostgreSQL that offer TDE solutions, you can still encrypt your PostgreSQL data at rest today by doing so at the disk level. In a Kubernetes environment, this is done by using a storage class that supports encryption.

Does PostgreSQL support transparent data encryption?

Transparent Data Encryption (TDE) is a CYBERTEC encryption patch for PostgreSQL. It is currently the only implementation that supports transparent and cryptographically safe data (cluster) level encryption, independent of operating system or file system encryption.

What encryption does Postgres use?

PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security. This requires that OpenSSL is installed on both client and server systems and that support in PostgreSQL is enabled at build time (see Chapter 15).

1 Answers

The best way is to do the crypto on the client or application server, so the database has no idea what the keys are and cannot decrypt the data. If the client / appserver are on a different host, all the better.

If your database is encrypting and decrypting the data for you, then it's vulnerable to having the keys stolen along with the database.

If you use pgcrypto's in-database crypto functions you can have the application send the key along with the data, which is at least somewhat helpful. It still risks having the keys exposed in the logs if a helpful sysadmin turns on aggressive statement logging or automatic plan dumping, though, and in the end if the keys are going to the database machine they're more vulnerable than if they're not. An attacker who takes control of the database machine can also change log settings, replace the postgresql binaries, or sniff traffic to capture keys and data this way.

If the appserver and db are on the same machine and managed by the same role(s) there's less point worrying about isolating them, and it may be sensible to just use pgcrypto.

Either way, remember to salt!

like image 172
Craig Ringer Avatar answered Oct 07 '22 03:10

Craig Ringer
Sign in to Comment

Related questions

postgresql database owner can't access database - "No relations found."
Update a column of a table with a column of another table in PostgreSQL
Postgres dump specific table with a capital letter
Increase PostgreSQL write speed at the cost of likely data loss?
Simple Rails App: Error Cannot visit Integer
check postgres replication status
Postgresql - CREATE TABLE SYNTAX ERROR USING LIKE -
Rails Console - Find where created at = certain day
Hash a column in postgres using sha-256
Trying to get Postgres setup in my environment but can't seem to get permissions to intidb
permission denied to create extension "uuid-ossp"
PostgreSQL latitude longitude query
How to restart postgresql on OS X?
bundle failing - Can't find the PostgreSQL client library (libpq) [duplicate]
Postgresql - detect changes and call webservice
Spatial Data in PostgreSQL
cross-database references are not implemented:
How to split read-only and read-write transactions with JPA and Hibernate
What is the MySQL equivalent of PostgreSQL's EXPLAIN ANALYZE
What's the "E" before a Postgres string?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!