On 11/8/2010 10:32 AM, Alex Peshkoff wrote:

> On 11/08/10 18:15, Jim Starkey wrote:
>> On 11/8/2010 6:38 AM, Daniel Rail wrote:
>>> I suggest here not to go into details of crypt implementation (what
>>>> algorithm, what library, etc.). Instead interfaces needed to support
>>>> line& file encryption should be defined.
>>> It's all that I'm asking for, is interfaces to be able to define our
>>> own line and file encryption.
>>>
>> I'm afraid that just adding interfaces isn't nearly enough. To do even
>> plausible line encryption (out of SSL), you need the following:
>>
> Certainly, we need to have all of this. Only interface is definitely not
> enough. But as far as I've understood Daniel, interface is enough from
> user's POV to be able to write crypt plugin with crypt algorithm
> particular user needs.

There is no point in having an encryption interface without a mechanism
to manage keys.

>> 1. Creation or maintenance of a public key pair on the server for key
>> transmittal.
> Suppose this is one more hook on server startup. How does plugin
> generate keys (or loads from disk - for line encryption that is probably
> acceptable) is not our problem.

That's something to be decided. For NimbusDB, I generate an RSA key
pair at server start up time so I don't have to store the private key on
disk. But are alternatives, depending on how much you trust the
security on the disk. If you're considering page level encryption, by
definition you don't trust the disk.

>> 5. Hooks in PIO for page encryption
> Sorry - may be we can start with line encryption? :)

I think that makes sense as long as the architecture is capable of
supporting both line and page level encryption.


--
Jim Starkey
Founder, NimbusDB, Inc.
978 526-1376