Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-19139

AES-based authentication mechanism for Spark

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.2.0
    • Fix Version/s: 2.2.0
    • Component/s: Spark Core
    • Labels:
      None

      Description

      In SPARK-13331, support for AES encryption was added to the Spark network library. But the authentication of different Spark processes is still performed using SASL's DIGEST-MD5 mechanism. That means the authentication part is the weakest link; since the AES keys are currently encrypted using 3des (strongest cipher supported by SASL), Spark can't really claim to provide the full benefits of using AES for encryption.

      We should add a new auth protocol that doesn't need these disclaimers.

        Issue Links

          Activity

          Hide
          apachespark Apache Spark added a comment -

          User 'vanzin' has created a pull request for this issue:
          https://github.com/apache/spark/pull/16521

          Show
          apachespark Apache Spark added a comment - User 'vanzin' has created a pull request for this issue: https://github.com/apache/spark/pull/16521

            People

            • Assignee:
              vanzin Marcelo Vanzin
              Reporter:
              vanzin Marcelo Vanzin
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development