[ https://issues.apache.org/jira/browse/CASSANDRA-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15674920#comment-15674920 ]

Ben Bromhead commented on CASSANDRA-9633:
-----------------------------------------

There appears to be a bit of a stall on this ticket; I'm happy to address / 
review / help out on any outstanding comments / nits. I've included a few of my 
initial thoughts on some of the above issues; however, I'm still going through 
the code and testing:

bq. Enabling encryption on a table silently discards any compression settings 
on the table

One note on supporting compression with encryption is that it's tricky to do 
correctly. Performing compression on input that is potentially attacker 
controlled is generally a big no-no. For an example of why this is not a good 
idea, check out the CRIME attack against SSL, which leverages using 
compression-influenced size as an oracle: https://en.wikipedia.org/wiki/CRIME.

I know this is done in DSE. I'm not familiar with the DataStax implementation 
as these are closed source; however, I would be cautious using 
EncryptingSnappyCompressor et al. 

On the flip side, performing compression after the SSTable has been encrypted 
tends to not be particularly effective due to the apparent increase of entropy 
in the SSTable after encryption.

Due to the above, I would not worry about supporting the ability to encrypt AND 
compress SSTables in this first release of the feature.

bq. Not every cipher mode supports initialization vectors

Supporting cipher modes that don't use IVs allows users to shoot themselves in 
the foot. The example given above of AES/ECB/NoPadding is definitely a cipher 
mode we don't want to support. See https://blog.filippo.io/the-ecb-penguin/ 



> Add ability to encrypt sstables
> -------------------------------
>
>                 Key: CASSANDRA-9633
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9633
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jason Brown
>            Assignee: Jason Brown
>              Labels: encryption, security, sstable
>             Fix For: 3.x
>
>
> Add option to allow encrypting of sstables.
> I have a version of this functionality built on cassandra 2.0 that 
> piggy-backs on the existing sstable compression functionality and ICompressor 
> interface (similar in nature to what DataStax Enterprise does). However, if 
> we're adding the feature to the main OSS product, I'm not sure if we want to 
> use the pluggable compression framework or if it's worth investigating a 
> different path. I think there's a lot of upside in reusing the sstable 
> compression scheme, but perhaps add a new component in cqlsh for table 
> encryption and a corresponding field in CFMD.
> Encryption configuration in the yaml can use the same mechanism as 
> CASSANDRA-6018 (which is currently pending internal review).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
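
The two effects described in the comment above (a compression-influenced size acting as an oracle, and compression being ineffective after encryption), as an added example that is not part of the original message or of the Cassandra code base. It assumes a length-preserving cipher, modelled here by a SHAKE-256 XOR keystream that is not real encryption; the key, row contents and function names are constructed for illustration.

```python
import hashlib
import zlib

KEY = b"constructed-demo-key"  # constructed value, not a real key

# Constructed sample rows: one the attacker cannot read, followed by a row whose
# value the attacker chooses; both land in the same compressed chunk.
SECRET_ROW = b"user=alice;card=4929-1234-5678-9012;"


def keystream_xor(data: bytes, key: bytes = KEY) -> bytes:
    """Stand-in for a length-preserving cipher (assumption of this example).

    Not secure encryption: a fixed SHAKE-256 keystream is XORed in only so
    that ciphertext length equals input length, as with a stream/CTR mode.
    """
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def chunk_with(attacker_value: bytes) -> bytes:
    return SECRET_ROW + b"user=mallory;note=" + attacker_value + b";"


def stored_size(attacker_value: bytes) -> int:
    """Size an observer sees on disk when the chunk is compressed, then encrypted."""
    return len(keystream_xor(zlib.compress(chunk_with(attacker_value), 9)))


def compressed_size(chunk: bytes) -> int:
    """Size after compressing the plaintext chunk."""
    return len(zlib.compress(chunk, 9))


def encrypt_then_compress_size(chunk: bytes) -> int:
    """Size after compressing the already-encrypted chunk."""
    return len(zlib.compress(keystream_xor(chunk), 9))


if __name__ == "__main__":
    # Both values have the same length; only one equals the secret.
    print("value equals secret:", stored_size(b"card=4929-1234-5678-9012"))
    print("value differs:      ", stored_size(b"card=8317-4056-2291-7748"))
    bulk = SECRET_ROW * 50
    print("plaintext:", len(bulk), "compressed:", compressed_size(bulk),
          "encrypted then compressed:", encrypt_then_compress_size(bulk))
```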
