[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[
https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16320368#comment-16320368
]
Romain Hardouin commented on CASSANDRA-14102:
-
I meant EncryptionContext use. Thanks for your feedback!
> Vault support for transparent data encryption
> -
>
> Key: CASSANDRA-14102
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14102
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Stefan Podkowinski
>Assignee: Stefan Podkowinski
> Labels: encryption
> Fix For: 4.x
>
>
> Transparent data encryption provided by CASSANDRA-9945 can currently be used
> for commitlog and hints. The default {{KeyProvider}} implementation that we
> ship allows to use a local keystore for storing and retrieving keys. Thanks
> to the pluggable handling of the {{KeyStore}} provider and basic Vault
> related classes introduced in CASSANDRA-13971, a Vault based implementation
> can be provided as {{KeyProvider}} as well.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[
https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16320298#comment-16320298
]
Stefan Podkowinski commented on CASSANDRA-14102:
Performance impact by using the Vault key provider instead of a local keystore?
Or the optimization of EncryptionContext use?
Each key for any key alias is immutable and will be cached infinitely. The
interaction with Vault should thus be minimal and in most cases we will only
call Vault once on startup, to retrieve the key. With CASSANDRA-14107 we also
call Vault to check for new keys and to fetch them. But also only sporadically.
As for the optimization of EncryptionContext use it probably depends on how
many encrypted committlog segments and hint files are being generated. Not so
trivial to create a good benchmark for that.
> Vault support for transparent data encryption
> -
>
> Key: CASSANDRA-14102
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14102
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Stefan Podkowinski
>Assignee: Stefan Podkowinski
> Labels: encryption
> Fix For: 4.x
>
>
> Transparent data encryption provided by CASSANDRA-9945 can currently be used
> for commitlog and hints. The default {{KeyProvider}} implementation that we
> ship allows to use a local keystore for storing and retrieving keys. Thanks
> to the pluggable handling of the {{KeyStore}} provider and basic Vault
> related classes introduced in CASSANDRA-13971, a Vault based implementation
> can be provided as {{KeyProvider}} as well.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[
https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16319903#comment-16319903
]
Romain Hardouin commented on CASSANDRA-14102:
-
It's a nice feature. Out of curiosity, did you make few benchmarks to measure
impacts on performances?
> Vault support for transparent data encryption
> -
>
> Key: CASSANDRA-14102
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14102
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Stefan Podkowinski
>Assignee: Stefan Podkowinski
> Labels: encryption
> Fix For: 4.x
>
>
> Transparent data encryption provided by CASSANDRA-9945 can currently be used
> for commitlog and hints. The default {{KeyProvider}} implementation that we
> ship allows to use a local keystore for storing and retrieving keys. Thanks
> to the pluggable handling of the {{KeyStore}} provider and basic Vault
> related classes introduced in CASSANDRA-13971, a Vault based implementation
> can be provided as {{KeyProvider}} as well.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[
https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16311410#comment-16311410
]
Stefan Podkowinski commented on CASSANDRA-14102:
I've now pushed a few commits to address the concerns expressed in my previous
comment. Creating new {{EncryptionContext}} instances will now use the same
cipher factory and key caches with less generated garbage.
> Vault support for transparent data encryption
> -
>
> Key: CASSANDRA-14102
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14102
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Stefan Podkowinski
>Assignee: Stefan Podkowinski
> Labels: encryption
> Fix For: 4.x
>
>
> Transparent data encryption provided by CASSANDRA-9945 can currently be used
> for commitlog and hints. The default {{KeyProvider}} implementation that we
> ship allows to use a local keystore for storing and retrieving keys. Thanks
> to the pluggable handling of the {{KeyStore}} provider and basic Vault
> related classes introduced in CASSANDRA-13971, a Vault based implementation
> can be provided as {{KeyProvider}} as well.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-14102) Vault support for transparent data encryption
[
https://issues.apache.org/jira/browse/CASSANDRA-14102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16296472#comment-16296472
]
Stefan Podkowinski commented on CASSANDRA-14102:
I think the whole life-cycle handling of {{EncryptionContext}} and
{{CipherFactory}} could need a review along with this patch as well. Each hint
file and commitlog segment will need to instantiate it's own EncryptionContext
before it can be decrypted, see {{EncryptionContext.createFromMap}}. This will
also imply to create a new CipherFactory, including a dedicated caffeine cache
and expensive reflection based configuration and {{KeyProvider}} construction.
I'm also not sure that we really keep the KeyProvider contract: _"Further, each
key will be requested non-concurrently (that is, no stampeding herds for the
same key), although unique keys may be requested concurrently (unless you mark
@code getSecretKey synchronized)."_ If we create 100x EncryptionContext
instances there will be just that much key requests against Vault or any other
implementation.
> Vault support for transparent data encryption
> -
>
> Key: CASSANDRA-14102
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14102
> Project: Cassandra
> Issue Type: New Feature
>Reporter: Stefan Podkowinski
>Assignee: Stefan Podkowinski
> Labels: encryption
> Fix For: 4.x
>
>
> Transparent data encryption provided by CASSANDRA-9945 can currently be used
> for commitlog and hints. The default {{KeyProvider}} implementation that we
> ship allows to use a local keystore for storing and retrieving keys. Thanks
> to the pluggable handling of the {{KeyStore}} provider and basic Vault
> related classes introduced in CASSANDRA-13971, a Vault based implementation
> can be provided as {{KeyProvider}} as well.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
-
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
