Colin Ma created HBASE-16414:
--------------------------------
Summary: Improve performance for RPC encryption with Apache Common
Crypto
Key: HBASE-16414
URL: https://issues.apache.org/jira/browse/HBASE-16414
Project: HBase
Issue Type: Improvement
Components: IPC/RPC
Affects Versions: 2.0.0
Reporter: Colin Ma
Assignee: Colin Ma
Hbase RPC encryption is enabled by setting “hbase.rpc.protection” to "privacy".
With the token authentication, it utilized DIGEST-MD5 mechanisms for secure
authentication and data protection. For DIGEST-MD5, it uses DES, 3DES or RC4 to
do encryption and it is very slow, especially for Scan. This will become the
bottleneck of the RPC throughput.
Apache Commons Crypto is a cryptographic library optimized with AES-NI. It
provides Java API for both cipher level and Java stream level. Developers can
use it to implement high performance AES encryption/decryption with the minimum
code and effort. Compare with the current implementation of
org.apache.hadoop.hbase.io.crypto.aes.AES, Crypto supports both JCE Cipher and
OpenSSL Cipher which is better performance than JCE Cipher. User can configure
the cipher type and the default is JCE Cipher.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
