docs icon indicating copy to clipboard operation
docs copied to clipboard

Published 20 hours ago verified publisher icon cockroachdb

Feedback: Take and Restore Encrypted Backups: needs more details about GCM implementation

Open mikkorantalainen opened this issue 1 year ago • 0 comments

Exalate commented:

Page: https://cockroachlabs.com/docs/v24.1/take-and-restore-encrypted-backups.html

What is the reason for your feedback?

[X] Missing the information I need

Additional details

The page says that backup data at rest is encrypted with AES-GCM-256 and only links to Wikipedia page which explains that GCM mode is not safe to use if data stream is longer than 64 GB. Does that mean that CockroachDB encrypted backups are not safe if you have more than 64 GB of data?

If the encryption routine implements IV rollover or some other measure to avoid this vulnerability, it should be declared explicitly in the documentation.

Jira Issue: DOC-10554

mikkorantalainen avatar Jun 18 '24 12:06 mikkorantalainen