Re: Improving Data-At-Rest encryption in Ceph

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Martin Millnert <martin@millnert.se>
To: Gregory Farnum <gfarnum@redhat.com>
Cc: Radoslaw Zarzynski <rzarzynski@mirantis.com>,
	Ceph Development <ceph-devel@vger.kernel.org>,
	Adam Kupczyk <akupczyk@mirantis.com>
Subject: Re: Improving Data-At-Rest encryption in Ceph
Date: Mon, 14 Dec 2015 23:02:06 +0100	[thread overview]
Message-ID: <1450130526.1035.24.camel@millnert.se> (raw)
In-Reply-To: <CAJ4mKGZP3oHt6Rgsp_pogcAZEmBzcQzDc4vzESDjPyoxJKoBUw@mail.gmail.com>

On Mon, 2015-12-14 at 12:28 -0800, Gregory Farnum wrote:
> On Mon, Dec 14, 2015 at 5:17 AM, Radoslaw Zarzynski
<snip>
> > In typical case ciphertext data transferred from OSD to OSD can be
> > used without change. This is when both OSDs have the same crypto key
> > version for given placement group. In rare cases when crypto keys are
> > different (key change or transition period) receiving OSD will recrypt
> > with local key versions.
> 
> I don't understand this part at all. Do you plan to read and rewrite
> the entire PG whenever you change the "key version"? How often do you
> plan to change these keys? What is even the point of changing them,
> since anybody who can control an OSD can grab the entire current key
> set?

You may have leaked keys without having leaked ciphertext.
The typical use case for FDE/SED is IMO being able to RMA drives.
Nothing more than that.

> > For compression to be effective it must be done before encryption. Due
> > to that encryption may be applied differently for replication pools
> > and EC pools. Replicated pools do not implement compression; for those
> > pools encryption is applied right after data enters OSD. For EC pools
> > encryption is applied after compressing. When compression will be
> > implemented for replicated pools, it must be placed before encryption.
> 
> So this means you'll be encrypting the object data, but not the omap
> nor xattrs, and not the file names on disk. Is that acceptable to
> people? It's probably fine for a lot of rbd use cases, but not for
> RGW, CephFS, nor raw RADOS where meaningful metadata (and even *data*)
> is stored in those regions. I'd rather a solution worked on the full
> data set. :/
> -Greg

This is indeed the largest weakness of the proposal.

I'm lacking a bit on the motivation for what problem this solution
solves that a dm-crypt-based solution doesn't address? When, except for
snooping, is it a desired design to not encrypt all the things?

I guess one could say: "ciphertext would be transferred on the network".
But, it's incomplete. Internal transport encryption (and better auth)
for Ceph is a different problem.

I'd probably rather dm-crypt key management processes were refined and
improved (saying this without knowing the state of any current
implementations for Ceph), and have a solid FDE solution than a solution
that doesn't encrypt metadata. Only encrypting data but not metadata
isn't sufficient anymore...

/M

next prev parent reply	other threads:[~2015-12-14 22:02 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-12-14 13:17 Improving Data-At-Rest encryption in Ceph Radoslaw Zarzynski
2015-12-14 20:28 ` Gregory Farnum
2015-12-14 22:02   ` Martin Millnert [this message]
2015-12-14 22:32     ` Gregory Farnum
2015-12-16  2:13       ` Andrew Bartlett
2015-12-15 10:13     ` Adam Kupczyk
2015-12-15 10:04   ` Adam Kupczyk
     [not found]   ` <CAHMeWhGgHWq=jPZfj8s_KCB=wLhsBNCyJjZSBQQFZXc8r63M7A@mail.gmail.com>
2015-12-15 21:04     ` Gregory Farnum
2015-12-16 15:13       ` Adam Kupczyk
2015-12-16 15:36       ` Radoslaw Zarzynski
2015-12-14 21:52 ` Martin Millnert
2015-12-15 20:40   ` Radoslaw Zarzynski
2015-12-15 14:23 ` Lars Marowsky-Bree
2015-12-15 14:59   ` Sage Weil
2015-12-15 23:31   ` Matt Benjamin
2015-12-16 22:29   ` Adam Kupczyk
2015-12-16 22:33     ` Sage Weil
2015-12-21  8:21       ` Adam Kupczyk
2016-01-18  8:05         ` Adam Kupczyk
2016-01-18 12:21           ` Lars Marowsky-Bree
2016-01-25 19:05             ` Radoslaw Zarzynski
2016-01-25 22:20               ` Kyle Bader
2016-01-24 13:45 ` John Hunter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1450130526.1035.24.camel@millnert.se \
    --to=martin@millnert.se \
    --cc=akupczyk@mirantis.com \
    --cc=ceph-devel@vger.kernel.org \
    --cc=gfarnum@redhat.com \
    --cc=rzarzynski@mirantis.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.