hbase-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HBASE-10065) Stronger validation of key unwrapping
Date Mon, 02 Dec 2013 09:07:35 GMT
Andrew Purtell created HBASE-10065:
--------------------------------------

             Summary: Stronger validation of key unwrapping
                 Key: HBASE-10065
                 URL: https://issues.apache.org/jira/browse/HBASE-10065
             Project: HBase
          Issue Type: Improvement
            Reporter: Andrew Purtell
            Assignee: Andrew Purtell
            Priority: Minor
             Fix For: 0.98.0


In EncryptionUtil#unwrapKey we use a CRC32 to validate the successful unwrapping of a data
key. I chose a CRC32 to limit overhead. There is only a 1 in 2^32 chance of a random collision,
low enough to be extremely unlikely. However, I was talking with my colleague Jerry Chen today
about this. A cryptographic hash would lower the probability to essentially zero and we are
only wrapping data keys once per HColumnDescriptor and once per HFile, saving a few bytes
here and there only really. Might as well use the SHA of the data key and in addition consider
running AES in GCM mode to cover that hash as additional authenticated data.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message