ggershinsky commented on issue #7373: URL: https://github.com/apache/arrow-rs/issues/7373#issuecomment-2789501024
> I don't think this is exactly what you have in mind, but I expect most users would want to use the key management tools API that is in progress and integrates with a KMS to encrypt and decrypt data encryption keys, rather than directly using the existing low level APIs. I have a PR open for that at [#7387](https://github.com/apache/arrow-rs/pull/7387)
>
> When that is used, the master encryption keys aren't exposed to the process but are managed by a KMS which will usually perform the encryption and decryption remotely. It encrypts and decrypts data encryption keys that are randomly generated per file, rather than decrypting the Parquet data directly.
>
> So the only keys that are kept in memory are keys that are limited in scope to a single Parquet file, limiting the damage that can be done if a key is exposed.
>
> cc [@ggershinsky](https://github.com/ggershinsky) you might have some thoughts on this topic.

This is an accurate description of the security model, which follows the standard "envelope encryption" practice. The master keys never leave the KMS (typically HSM-based).

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscr...@arrow.apache.org

For queries about this service, please contact Infrastructure at: us...@infra.apache.org
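The envelope-encryption model discussed in this message, as an added sketch that is not arrow-rs code and not part of the original comment: a master key that stays inside a KMS object wraps a random per-file data encryption key (DEK), and a single exposed DEK opens only its own file. `MockKms`, `write_file`, `read_file` and `leaked_key_reach` are hypothetical names, the file contents are constructed samples, and `seal`/`open_sealed` are a toy HMAC-SHA256 stand-in for a real AEAD such as AES-GCM.

```python
import hashlib, hmac, secrets

def keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode; toy stand-in for a real cipher such as AES-GCM.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    body = nonce + bytes(p ^ s for p, s in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return body + hmac.new(key, b"mac" + body, hashlib.sha256).digest()

def open_sealed(key, blob):
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or modified data")
    nonce, ct = body[:16], body[16:]
    return bytes(c ^ s for c, s in zip(ct, keystream(key, nonce, len(ct))))

class MockKms:
    """Hypothetical in-process stand-in for a remote KMS; only wrap/unwrap are exposed."""
    def __init__(self):
        self._master_key = secrets.token_bytes(32)  # never returned to callers
    def wrap(self, dek):
        return seal(self._master_key, dek)
    def unwrap(self, wrapped_dek):
        return open_sealed(self._master_key, wrapped_dek)

def write_file(kms, data):
    dek = secrets.token_bytes(32)  # fresh random data encryption key per file
    stored = {"wrapped_dek": kms.wrap(dek), "ciphertext": seal(dek, data)}
    return stored, dek  # dek is returned only so the demo can model a leaked key

def read_file(kms, stored):
    return open_sealed(kms.unwrap(stored["wrapped_dek"]), stored["ciphertext"])

def leaked_key_reach(dek, files):
    """Return the names of the stored files that one exposed DEK can decrypt."""
    reach = []
    for name, stored in files.items():
        try:
            open_sealed(dek, stored["ciphertext"])
            reach.append(name)
        except ValueError:
            pass
    return reach

if __name__ == "__main__":
    kms = MockKms()
    a, dek_a = write_file(kms, b"constructed rows for file A")
    b, _ = write_file(kms, b"constructed rows for file B")
    print(read_file(kms, b), leaked_key_reach(dek_a, {"a.parquet": a, "b.parquet": b}))
```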