[SPARK-47172] Upgrade Transport block cipher mode to GCM - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 3.4.2, 3.5.0
Fix Version/s: None
Component/s: Security
Labels:
None

Description

The cipher transformation currently used for encrypting RPC calls is an unauthenticated mode (AES/CTR/NoPadding). This needs to be upgraded to an authenticated mode (AES/GCM/NoPadding) to prevent ciphertext from being modified in transit.

The relevant line is here: https://github.com/apache/spark/blob/a939a7d0fd9c6b23c879cbee05275c6fbc939e38/common/network-common/src/main/java/org/apache/spark/network/util/TransportConf.java#L220

GCM is relatively more computationally expensive than CTR and adds a 16-byte block of authentication tag data to each payload.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Steve Weis

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Due:: 26/Mar/24

Created:: 26/Feb/24 17:53

Updated:: 18/Apr/24 05:47