2

We need to encrypt some columns in a postgresql 9.6 database. We are planning to use pgcrytpo's asymmetric key method for our requirement. we keep daily, weekly, monthly and yearly backups using pg_dump.

we are planning to rotate encryption keys every month and i have some questions regarding this

  1. while rotating keys, do we have to decrypt data which was encrypted with previous key and again encrypt with new key or we can use any other approach?
  2. As we keep very old backups, do we have to restore backup and decrypt data which was encrypted with previous key and again encrypt with new key?
  3. what are the best practices and points to remember for key rotation?

As i am doing encryption for the first time, please bear with me if i have asked any silly question.

YogeshR
  • 1,606
  • 2
  • 22
  • 43
  • 3
    Keep the last N keys around. Encrypt with the youngest key. Attempt decryption with all of them. This will make old data unreadable after N rotations. If that's not what you want you have to either reencrypt data before the key rotates out, or encrypt data with a single master key that never changes and encrypt this master key with the short-lived keys (you can safely store the cipher texts for the master key in the database itself). – Peter May 06 '20 at 07:46
  • 1
    The option with a single master key also allows you to invalidate a short-lived key very easily: simply delete the cipher text of the master key for the short-lived key you want to revoke/invalidate (this assumes that you don't give the cipher text to the key holder, if course). – Peter May 06 '20 at 07:51

0 Answers0