I would like to create a web application using PostgreSQL as a database. I want to have the database encrypted, so that even an attacker that has root access to the database server can't decrypt the data (or at least he would have to mess around with temporary in-memory data which is hard). I don't care about the schema, only about the content of the tables.
I also don't want to store the decryption key somewhere on the application server (neither in a config file, nor hardcoded).
Instead, my idea was to encrypt the whole database (or just tables and rows?) using a key that is provided by the user over the web application and that decrypts at runtime.
Is this scenario possible with PostgreSQL, and which options do I have to implement this?
Side note: It's a .NET-based application (ASP.NET MVC3) and I'm using the Npgsql driver.