The best way is to do the crypto on the client or
application server, so the database has no idea what the keys are and
cannot decrypt the data. If the client / appserver are on a different
host, all the better.
If your database is encrypting and decrypting the data for you, then
it's vulnerable to having the keys stolen along with the database.
If you use pgcrypto's in-database crypto functions you can have the
application send the key along with the data, which is at least somewhat
helpful. It still risks having the keys exposed in the logs if a
helpful sysadmin turns on aggressive statement logging or automatic plan
dumping, though, and in the end if the keys are going to the database
machine they're more vulnerable than if they're not. An attacker who
takes control of the database machine can also change log settings,
replace the postgresql binaries, or sniff traffic to capture keys and
data this way.
If the appserver and db are on the same machine and managed by the
same role(s) there's less point worrying about isolating them, and it
may be sensible to just use pgcrypto.
No comments:
Post a Comment