dongjoon-hyun commented on code in PR #45425: URL: https://github.com/apache/spark/pull/45425#discussion_r1525393098
########## common/network-common/src/main/java/org/apache/spark/network/crypto/README.md: ########## @@ -99,3 +114,13 @@ sessions. It would, however, allow impersonation of future sessions. In the event of a pre-shared key compromise, messages would still be confidential from a passive observer. Only active adversaries spoofing a session would be able to recover plaintext. +Security Changes & Compatibility +------------- + +The original version of this protocol, retroactively called v1.0, did not apply an HKDF to `sharedSecret` and was +directly using the encoded X coordinate as key material. This is atypical and standard practice is to pass that shared +coordinate through an HKDF. The current version, v1.1, adds this additional HKDF to +derive `derivedKey`. Review Comment: +1 for @mridulm 's recommendation.
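Review bot: The v1.1 sentence at the end of the added section ("adds this additional HKDF to derive `derivedKey`") does not say which hash, salt or info input the HKDF uses, and in the lines visible here the section headed "Security Changes & Compatibility" says nothing about how a v1.0 peer and a v1.1 peer interoperate or how the version is chosen. Suggest naming the HKDF parameters at this point, or pointing to where the README defines them, and adding a sentence on version selection so a reader can tell whether a session can still end up on the v1.0 derivation that uses the encoded X coordinate directly. As a wording point, "This is atypical and standard practice is to pass that shared coordinate through an HKDF" would read better as two sentences.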
