[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[ https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16320368#comment-16320368 ] Romain Hardouin commented on CASSANDRA-14102: - I meant EncryptionContext use. Thanks for your feedback! > Vault support for transparent data encryption > - > > Key: CASSANDRA-14102 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14102 > Project: Cassandra > Issue Type: New Feature >Reporter: Stefan Podkowinski >Assignee: Stefan Podkowinski > Labels: encryption > Fix For: 4.x > > > Transparent data encryption provided by CASSANDRA-9945 can currently be used > for commitlog and hints. The default {{KeyProvider}} implementation that we > ship allows to use a local keystore for storing and retrieving keys. Thanks > to the pluggable handling of the {{KeyStore}} provider and basic Vault > related classes introduced in CASSANDRA-13971, a Vault based implementation > can be provided as {{KeyProvider}} as well. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[ https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16320298#comment-16320298 ] Stefan Podkowinski commented on CASSANDRA-14102: Performance impact by using the Vault key provider instead of a local keystore? Or the optimization of EncryptionContext use? Each key for any key alias is immutable and will be cached infinitely. The interaction with Vault should thus be minimal and in most cases we will only call Vault once on startup, to retrieve the key. With CASSANDRA-14107 we also call Vault to check for new keys and to fetch them. But also only sporadically. As for the optimization of EncryptionContext use it probably depends on how many encrypted committlog segments and hint files are being generated. Not so trivial to create a good benchmark for that. > Vault support for transparent data encryption > - > > Key: CASSANDRA-14102 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14102 > Project: Cassandra > Issue Type: New Feature >Reporter: Stefan Podkowinski >Assignee: Stefan Podkowinski > Labels: encryption > Fix For: 4.x > > > Transparent data encryption provided by CASSANDRA-9945 can currently be used > for commitlog and hints. The default {{KeyProvider}} implementation that we > ship allows to use a local keystore for storing and retrieving keys. Thanks > to the pluggable handling of the {{KeyStore}} provider and basic Vault > related classes introduced in CASSANDRA-13971, a Vault based implementation > can be provided as {{KeyProvider}} as well. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[ https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16319903#comment-16319903 ] Romain Hardouin commented on CASSANDRA-14102: - It's a nice feature. Out of curiosity, did you make few benchmarks to measure impacts on performances? > Vault support for transparent data encryption > - > > Key: CASSANDRA-14102 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14102 > Project: Cassandra > Issue Type: New Feature >Reporter: Stefan Podkowinski >Assignee: Stefan Podkowinski > Labels: encryption > Fix For: 4.x > > > Transparent data encryption provided by CASSANDRA-9945 can currently be used > for commitlog and hints. The default {{KeyProvider}} implementation that we > ship allows to use a local keystore for storing and retrieving keys. Thanks > to the pluggable handling of the {{KeyStore}} provider and basic Vault > related classes introduced in CASSANDRA-13971, a Vault based implementation > can be provided as {{KeyProvider}} as well. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[ https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16311410#comment-16311410 ] Stefan Podkowinski commented on CASSANDRA-14102: I've now pushed a few commits to address the concerns expressed in my previous comment. Creating new {{EncryptionContext}} instances will now use the same cipher factory and key caches with less generated garbage. > Vault support for transparent data encryption > - > > Key: CASSANDRA-14102 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14102 > Project: Cassandra > Issue Type: New Feature >Reporter: Stefan Podkowinski >Assignee: Stefan Podkowinski > Labels: encryption > Fix For: 4.x > > > Transparent data encryption provided by CASSANDRA-9945 can currently be used > for commitlog and hints. The default {{KeyProvider}} implementation that we > ship allows to use a local keystore for storing and retrieving keys. Thanks > to the pluggable handling of the {{KeyStore}} provider and basic Vault > related classes introduced in CASSANDRA-13971, a Vault based implementation > can be provided as {{KeyProvider}} as well. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[ https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16296472#comment-16296472 ] Stefan Podkowinski commented on CASSANDRA-14102: I think the whole life-cycle handling of {{EncryptionContext}} and {{CipherFactory}} could need a review along with this patch as well. Each hint file and commitlog segment will need to instantiate it's own EncryptionContext before it can be decrypted, see {{EncryptionContext.createFromMap}}. This will also imply to create a new CipherFactory, including a dedicated caffeine cache and expensive reflection based configuration and {{KeyProvider}} construction. I'm also not sure that we really keep the KeyProvider contract: _"Further, each key will be requested non-concurrently (that is, no stampeding herds for the same key), although unique keys may be requested concurrently (unless you mark @code getSecretKey synchronized)."_ If we create 100x EncryptionContext instances there will be just that much key requests against Vault or any other implementation. > Vault support for transparent data encryption > - > > Key: CASSANDRA-14102 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14102 > Project: Cassandra > Issue Type: New Feature >Reporter: Stefan Podkowinski >Assignee: Stefan Podkowinski > Labels: encryption > Fix For: 4.x > > > Transparent data encryption provided by CASSANDRA-9945 can currently be used > for commitlog and hints. The default {{KeyProvider}} implementation that we > ship allows to use a local keystore for storing and retrieving keys. Thanks > to the pluggable handling of the {{KeyStore}} provider and basic Vault > related classes introduced in CASSANDRA-13971, a Vault based implementation > can be provided as {{KeyProvider}} as well. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org