[cryptography] Questions about crypto in Oracle TDE
morlockelloi at yahoo.com
Fri Nov 9 12:36:41 EST 2012
As long as each encryption of the same plaintext yields the same ciphertext, indexing works. However, the space is tight - plaintext size is close to the cipher capacity.
BTW, the same plaintext is never encrypted with different keys, so CRT doesn't work.
> Do you do any padding? If not you might be vulnerable
> to multiplication because:
> RSA(a)*RSA(b) == RSA(a*b)
> and if you are doing padding (eg with random inputs if any
> seeded by the
> plaintext and a fixed secrete seed), then you need
> rigorously verify the
> padding on decrypt or the padding may not defend against
More information about the cryptography