You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Colin Ma (JIRA)" <ji...@apache.org> on 2016/08/15 06:51:20 UTC

[jira] [Created] (HBASE-16414) Improve performance for RPC encryption with Apache Common Crypto

Colin Ma created HBASE-16414:
--------------------------------

             Summary: Improve performance for RPC encryption with Apache Common Crypto
                 Key: HBASE-16414
                 URL: https://issues.apache.org/jira/browse/HBASE-16414
             Project: HBase
          Issue Type: Improvement
          Components: IPC/RPC
    Affects Versions: 2.0.0
            Reporter: Colin Ma
            Assignee: Colin Ma


Hbase RPC encryption is enabled by setting “hbase.rpc.protection” to "privacy". With the token authentication, it utilized DIGEST-MD5 mechanisms for secure authentication and data protection. For DIGEST-MD5, it uses DES, 3DES or RC4 to do encryption and it is very slow, especially for Scan. This will become the bottleneck of the RPC throughput.
Apache Commons Crypto is a cryptographic library optimized with AES-NI. It provides Java API for both cipher level and Java stream level. Developers can use it to implement high performance AES encryption/decryption with the minimum code and effort. Compare with the current implementation of org.apache.hadoop.hbase.io.crypto.aes.AES, Crypto supports both JCE Cipher and OpenSSL Cipher which is better performance than JCE Cipher. User can configure the cipher type and the default is JCE Cipher.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)