[
https://issues.apache.org/jira/browse/NIFI-7669?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pierre Villard updated NIFI-7669:
---------------------------------
Fix Version/s: 1.12.0
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Add flow protection key caching mechanism for derived keys
> ----------------------------------------------------------
>
> Key: NIFI-7669
> URL: https://issues.apache.org/jira/browse/NIFI-7669
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Configuration, Core Framework
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Major
> Labels: caching, encryption, kdf, performance, security
> Fix For: 1.12.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The specific algorithm introduced in NIFI-7638 introduces a ~1 sec delay in
> every encryption operation (which occurs during every flow synchronization
> and serialization to disk) due to the Argon2 KDF process. This is an
> acceptable tradeoff for security-conscious users at this time, but can be
> improved through a key caching mechanism in memory. Deriving the key once at
> application startup and using it directly will remove this delay, and the key
> cannot change without an application restart.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
