The bestway is to do the crypto on the client or application server, so the database has no idea what the keys are and cannot decrypt the data. If the client / appserver are on a different host, all the better.

在最好的办法是做客户端或应用程序服务器上的密码，所以数据库不知道什么键，并不能解密数据。如果客户端/应用程序服务器在不同的主机上，那就更好了。

If your database is encrypting and decrypting the data for you, then it's vulnerable to having the keys stolen along with the database.

如果您的数据库正在为您加密和解密数据，那么密钥很容易与数据库一起被盗。

If you use pgcrypto's in-database crypto functions you can have the application send the key along with the data, which is at least somewhat helpful. It still risks having the keys exposed in the logs if a helpful sysadmin turns on aggressive statement logging or automatic plan dumping, though, and in the end if the keys are going to the database machine they're more vulnerable than if they're not. An attacker who takes control of the database machine can also change log settings, replace the postgresql binaries, or sniff traffic to capture keys and data this way.

如果您使用 pgcrypto 的数据库内加密函数，您可以让应用程序将密钥与数据一起发送，这至少有些帮助。但是，如果有用的系统管理员打开积极的语句日志记录或自动计划转储，它仍然存在将密钥暴露在日志中的风险，并且最终如果密钥进入数据库机器，它们比没有的情况下更容易受到攻击. 控制数据库机器的攻击者还可以更改日志设置、替换 postgresql 二进制文件或嗅探流量以通过这种方式捕获密钥和数据。

If the appserver and db are on the same machine and managed by the same role(s) there's less point worrying about isolating them, and it may be sensible to just use pgcrypto.

如果 appserver 和 db 在同一台机器上并由相同的角色管理，那么担心隔离它们就没有什么意义了，只使用 pgcrypto 可能是明智的。

Either way, remember to salt!

不管怎样，记得加盐！