Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-19139

AES-based authentication mechanism for Spark

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.2.0
    • 2.2.0
    • Spark Core
    • None

    Description

      In SPARK-13331, support for AES encryption was added to the Spark network library. But the authentication of different Spark processes is still performed using SASL's DIGEST-MD5 mechanism. That means the authentication part is the weakest link; since the AES keys are currently encrypted using 3des (strongest cipher supported by SASL), Spark can't really claim to provide the full benefits of using AES for encryption.

      We should add a new auth protocol that doesn't need these disclaimers.

      Attachments

        Activity

          People

            vanzin Marcelo Masiero Vanzin
            vanzin Marcelo Masiero Vanzin
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: