hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-13511) Derive data keys with HKDF
Date Mon, 20 Apr 2015 17:36:58 GMT

     [ https://issues.apache.org/jira/browse/HBASE-13511?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrew Purtell updated HBASE-13511:
-----------------------------------
    Description: 
When we are locally managing master key material, when users have supplied their own data
key material, derive the actual data keys using HKDF (https://tools.ietf.org/html/rfc5869)

DK' = HKDF(S, DK, MK)

where

S = salt
DK = user supplied data key
MK = master key

DK' = derived data key for the HFile

User supplied key material may be weak or an attacker may have some partial knowledge of it.

Salt S doesn't need to be secret and can be stored with the derived data key.

Where we generate random data keys we can still use HKDF as a way to mix more entropy into
the secure random generator. 

DK' = HKDF(R, MK)

where

R = random key material drawn from the system's secure random generator
MK = master key

(Salting isn't useful here because salt S and R would be drawn from the same pool, so will
not have statistical independence.)

  was:
When we are locally managing master key material, when users have supplied their own data
key material, derive the actual data keys using HKDF (https://tools.ietf.org/html/rfc5869)

DK' = HKDF(S, DK, MK)

where

S = salt
DK = user supplied data key
MK = master key

DK' = derived data key for the HFile

User supplied key material may be weak or an attacker may have some partial knowledge of it.

Where we generate random data keys we can still use HKDF as a way to mix more entropy into
the secure random generator. 

DK' = HKDF(R, MK)

where

R = random key material drawn from the system's secure random generator
MK = master key

(Salting isn't useful here because salt S and R would be drawn from the same pool, so will
not have statistical independence.)


> Derive data keys with HKDF
> --------------------------
>
>                 Key: HBASE-13511
>                 URL: https://issues.apache.org/jira/browse/HBASE-13511
>             Project: HBase
>          Issue Type: Sub-task
>          Components: encryption, security
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>            Priority: Minor
>             Fix For: 2.0.0, 1.1.0, 0.98.13, 1.0.2
>
>
> When we are locally managing master key material, when users have supplied their own
data key material, derive the actual data keys using HKDF (https://tools.ietf.org/html/rfc5869)
> DK' = HKDF(S, DK, MK)
> where
> S = salt
> DK = user supplied data key
> MK = master key
> DK' = derived data key for the HFile
> User supplied key material may be weak or an attacker may have some partial knowledge
of it.
> Salt S doesn't need to be secret and can be stored with the derived data key.
> Where we generate random data keys we can still use HKDF as a way to mix more entropy
into the secure random generator. 
> DK' = HKDF(R, MK)
> where
> R = random key material drawn from the system's secure random generator
> MK = master key
> (Salting isn't useful here because salt S and R would be drawn from the same pool, so
will not have statistical independence.)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message