Skip to content

Encryption spec #3191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 5 commits into
base: develop
Choose a base branch
from
Draft

Encryption spec #3191

wants to merge 5 commits into from

Conversation

robert3005
Copy link
Contributor

@robert3005 robert3005 commented May 1, 2025
edited
Loading

There's still some extraneous comments in the flatbuffer that need answering

a10y
a10y reviewed May 1, 2025
View reviewed changes
vortex-flatbuffers/flatbuffers/vortex-file/footer.fbs Outdated
Comment on lines 114 to 116
// Do we need random access to the encrypted bytes? Since our individual blocks are relatively small there should be a minor
// difference between slicing the block and decrypting the whole thing, however, maybe there is?
// AES_CTR = 1,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think for 2MB segments the performance difference could be meaningful for random-access. Basically if we use GCM and we have multi-MB blocks, we lose the benefit of the granular zone maps. Maybe that's just the price you pay?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can write a benchmark to measure this. Would tell us how big is the difference. There’s also storage overhead. Generally nonces in gcm are random but ctr lets you get away with counter

@robert3005
Copy link
Contributor Author

robert3005 commented May 1, 2025
edited
Loading

I think if we want to add ctr mode we benefit from additional storage place for IV somewhere next to segment spec so we can actually randomly seek without reading first few bytes this is irrelevant whole segment is already in memory

@gatesn
Copy link
Contributor

gatesn commented May 2, 2025

this is irrelevant whole segment is already in memory

This isn't necessarily true for memory-mapped files

@robert3005
Copy link
Contributor Author

I think for memory mapped files the overhead of reading additional 12-16 bytes might not be that relevant but could would let us skip loading one extra page

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@a10y a10y a10y left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@robert3005 @gatesn @a10y