ggershinsky opened a new issue #2060:
URL: https://github.com/apache/iceberg/issues/2060


   To protect the integrity of Iceberg tables, the data and metadata files can be 
encrypted with an authenticated cipher (like AES GCM). Parquet encryption 
already uses such a cipher, and provides tools to prevent file contents tampering 
or file replacement (https://github.com/apache/iceberg/issues/44). Parquet uses 
a built-in mechanism that leverages the internal columnar structure of Parquet 
files, and applies AES GCM to the column pages (and other modules). 
   In this ticket, we will design and build a generic mechanism for 
non-columnar file formats that will use AES GCM to encrypt Iceberg metadata 
files (and Avro data files), making them tamper-proof. Like in Parquet 
encryption, it will be possible to assign an ID ("AAD Prefix") to each file, so 
both file tampering and file replacement attacks can be detected. 
   Iceberg table integrity can be implemented by verifying the identity of all 
files comprising the table, starting with verifying the table version 
signature in the catalog.


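The AAD-prefix check described in the issue, as an added example (not code from the issue or from the Iceberg project): binding a file ID into the AES GCM tag makes both a modified file and a valid file swapped in from another path fail verification. It assumes a whole file is one GCM message laid out as nonce, ciphertext, tag; the class name, file IDs and contents are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class AadPrefixDemo {
  static final int NONCE_LEN = 12, TAG_BITS = 128;

  static byte[] utf8(String s) { return s.getBytes(StandardCharsets.UTF_8); }

  // Assumed layout for this sketch: nonce || ciphertext || tag.
  static byte[] encrypt(SecretKey key, String aadPrefix, byte[] plain) throws Exception {
    byte[] nonce = new byte[NONCE_LEN];
    new SecureRandom().nextBytes(nonce); // fresh nonce per file; never reuse under one key
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
    c.updateAAD(utf8(aadPrefix)); // file ID is authenticated, not stored in the file
    byte[] ct = c.doFinal(plain);
    byte[] out = Arrays.copyOf(nonce, NONCE_LEN + ct.length);
    System.arraycopy(ct, 0, out, NONCE_LEN, ct.length);
    return out;
  }

  // The reader passes the ID it expects for this file, taken from a trusted source.
  static byte[] decrypt(SecretKey key, String expectedAadPrefix, byte[] file) throws Exception {
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, file, 0, NONCE_LEN));
    c.updateAAD(utf8(expectedAadPrefix));
    return c.doFinal(file, NONCE_LEN, file.length - NONCE_LEN);
  }

  static String check(SecretKey key, String expectedId, byte[] file) throws Exception {
    try { decrypt(key, expectedId, file); return "verified"; }
    catch (AEADBadTagException e) { return "rejected (tag mismatch)"; }
  }

  public static void main(String[] args) throws Exception {
    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(128);
    SecretKey key = kg.generateKey();
    byte[] v1 = encrypt(key, "tbl/metadata/v1", utf8("snapshot-1")); // constructed samples
    byte[] v2 = encrypt(key, "tbl/metadata/v2", utf8("snapshot-2"));
    byte[] tampered = v2.clone();
    tampered[NONCE_LEN] ^= 1; // flip one ciphertext bit
    System.out.println("intact v2:            " + check(key, "tbl/metadata/v2", v2));
    System.out.println("tampered v2:          " + check(key, "tbl/metadata/v2", tampered));
    System.out.println("v1 swapped in for v2: " + check(key, "tbl/metadata/v2", v1));
  }
}
```

The third case is the file replacement attack: `v1` is a genuine file encrypted under the same key, and only the expected AAD prefix makes the reader reject it.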