You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2014/07/01 07:24:24 UTC

[jira] [Comment Edited] (HBASE-11446) Reduce the frequency of RNG calls in SecureWALCellCodec#EncryptedKvEncoder

    [ https://issues.apache.org/jira/browse/HBASE-11446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14048530#comment-14048530 ] 

Andrew Purtell edited comment on HBASE-11446 at 7/1/14 5:23 AM:
----------------------------------------------------------------

bq. So the random IV is made once (in the life time of a the RS) and then onwards the IVs are predictable.

That's not how IVs work. IVs are not secret. In fact they are recorded with the data. It is important that no data + key + IV combination repeat. Both the per WAL secret key and the initial IV for each thread local are initialized with a value drawn from a secure random number generator. This is a reasonable scheme.


was (Author: apurtell):
bq. So the random IV is made once (in the life time of a the RS) and then onwards the IVs are predictable.

That's not how IVs work. IVs are not secret. In fact they are recorded with the data. It is important that no key and IV combination repeat. Both the WAL key and the initial IV are both initialized with a secure random number generator. This is a reasonable scheme.

> Reduce the frequency of RNG calls in SecureWALCellCodec#EncryptedKvEncoder
> --------------------------------------------------------------------------
>
>                 Key: HBASE-11446
>                 URL: https://issues.apache.org/jira/browse/HBASE-11446
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>             Fix For: 0.99.0, 0.98.4
>
>         Attachments: HBASE-11446.patch
>
>
> By reducing the frequency of RNG calls in SecureWALCellCodec#EncryptedKvEncoder we can save 37% of on CPU time in that method and 3% of total on CPU time during an ingest test. WAL processing is a critical latency sensitive area.



--
This message was sent by Atlassian JIRA
(v6.2#6252)