hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HBASE-11446) Reduce the frequency of RNG calls in SecureWALCellCodec#EncryptedKvEncoder
Date Tue, 01 Jul 2014 05:24:25 GMT

    [ https://issues.apache.org/jira/browse/HBASE-11446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14048530#comment-14048530
] 

Andrew Purtell edited comment on HBASE-11446 at 7/1/14 5:24 AM:
----------------------------------------------------------------

bq. So the random IV is made once (in the life time of a the RS) and then onwards the IVs
are predictable.

IVs are not secret. In fact they are recorded with the data. It is important that no data
+ key + IV combination repeat. Both the per WAL secret key and the initial IV for each thread
local are initialized with a value drawn from a secure random number generator. This is a
reasonable scheme.


was (Author: apurtell):
bq. So the random IV is made once (in the life time of a the RS) and then onwards the IVs
are predictable.

That's not how IVs work. IVs are not secret. In fact they are recorded with the data. It is
important that no data + key + IV combination repeat. Both the per WAL secret key and the
initial IV for each thread local are initialized with a value drawn from a secure random number
generator. This is a reasonable scheme.

> Reduce the frequency of RNG calls in SecureWALCellCodec#EncryptedKvEncoder
> --------------------------------------------------------------------------
>
>                 Key: HBASE-11446
>                 URL: https://issues.apache.org/jira/browse/HBASE-11446
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>             Fix For: 0.99.0, 0.98.4
>
>         Attachments: HBASE-11446.patch
>
>
> By reducing the frequency of RNG calls in SecureWALCellCodec#EncryptedKvEncoder we can
save 37% of on CPU time in that method and 3% of total on CPU time during an ingest test.
WAL processing is a critical latency sensitive area.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message