Open peterox opened 8 years ago
Thanks for the update. It may be smart to make the cipher configurable going forward. It's also worth making a note that this shifts CPU load from the application servers (which are plentiful) to the database servers (which can bottleneck more easily).
Hi there,
I was curious about your benchmark figures and after some research worked out that they are not accurate.
Section 5.8 in http://web.mit.edu/jhawk/mnt/spo/postgres-8.2/src/postgresql-8.2.5/contrib/pgcrypto/README.pgcrypto states that the default algorithm used is aes-128. attr_entrypted uses aes-256 as a default.
I modified your code to specify the aes-256 algorithm and the benchmark figures changed.
Note I also changed the benchmark to test decryption:
Before:
after
Using pgcrypto was still faster but not as much as when only using 128 bit encryption.
Cheers Peter