On Tue, Oct 12, 2021 at 17:49 Ants Aasma <ants@cybertec.at> wrote:
On Wed, 13 Oct 2021 at 00:25, Bruce Momjian <bruce@momjian.us> wrote:
On Tue, Oct 12, 2021 at 11:21:28PM +0300, Ants Aasma wrote: > On Tue, 12 Oct 2021 at 16:14, Bruce Momjian <bruce@momjian.us> wrote: > > Well, how do you detect an all-zero page vs a page that encrypted to all > zeros? > > Page encrypting to all zeros is for all practical purposes impossible to hit. > Basically an attacker would have to be able to arbitrarily set the whole > contents of the page and they would then achieve that this page gets ignored.
Uh, how do we know that valid data can't produce an encrypted all-zero page?
Because the chances of that happening by accident are equivalent to making a series of commits to postgres and ending up with the same git commit hash 400 times in a row.
And to then have a valid checksum … seems next to impossible.
