Transition to simpler key management #80
Merged
+399
−450
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Paulo Gomes <pjbgf@linux.com>
Move away from key hierarchy keys, into a simpler data slicing instead.
The use of key hierarchy, saving the DEKs alongside the data, is very
effective when there is a need for long-term storage. As Lasso's KEK is
not persisted externally, once the instance restarts the encrypted data
can no longer be used as the DEKs can't be decrypted.
Due to that, a more performant approach would be do away with the KEK, and
keep all the DEKs in memory. The encrypted data now has a keyID, as opposed
to having an encrypted DEK and its nonce.
As a result, the encryption process had a throughput increase of ~260MB/s
and a 22% decrease in allocations. Conversely, the decryption process had
throughput increase of ~400MB/s and a 50% decrease in allocations.
Storage-wise, this approach consumes 28 bytes less per saved row which also
translates of less data loaded into memory.
goos: linux
goarch: amd64
pkg: github.com/rancher/lasso/pkg/cache/sql/encryption
cpu: 11th Gen Intel(R) Core(TM) i7-11800H @ 2.30GHz
│ /tmp/before │ /tmp/after │
│ sec/op │ sec/op vs base │
Encryption/encrypt-1024-16 1.847µ ± 7% 1.316µ ± 6% -28.73% (p=0.000 n=10)
Encryption/encrypt-4096-16 3.059µ ± 4% 2.480µ ± 6% -18.93% (p=0.000 n=10)
Encryption/encrypt-8192-16 4.395µ ± 5% 3.705µ ± 6% -15.71% (p=0.000 n=10)
Decryption/decrypt-1024-16 1390.5n ± 4% 883.9n ± 3% -36.43% (p=0.000 n=10)
Decryption/decrypt-4096-16 2.660µ ± 5% 2.050µ ± 3% -22.95% (p=0.000 n=10)
Decryption/decrypt-8192-16 3.986µ ± 4% 3.444µ ± 4% -13.61% (p=0.000 n=10)
geomean 2.675µ 2.056µ -23.14%
│ /tmp/before │ /tmp/after │
│ B/s │ B/s vs base │
Encryption/encrypt-1024-16 529.0Mi ± 8% 742.2Mi ± 6% +40.32% (p=0.000 n=10)
Encryption/encrypt-4096-16 1.247Gi ± 4% 1.539Gi ± 6% +23.39% (p=0.000 n=10)
Encryption/encrypt-8192-16 1.736Gi ± 5% 2.059Gi ± 5% +18.61% (p=0.000 n=10)
Decryption/decrypt-1024-16 702.1Mi ± 4% 1104.8Mi ± 3% +57.35% (p=0.000 n=10)
Decryption/decrypt-4096-16 1.434Gi ± 5% 1.861Gi ± 3% +29.77% (p=0.000 n=10)
Decryption/decrypt-8192-16 1.914Gi ± 4% 2.215Gi ± 3% +15.74% (p=0.000 n=10)
geomean 1.132Gi 1.473Gi +30.12%
│ /tmp/before │ /tmp/after │
│ B/op │ B/op vs base │
Encryption/encrypt-1024-16 2.078Ki ± 0% 2.016Ki ± 0% -3.01% (p=0.000 n=10)
Encryption/encrypt-4096-16 5.703Ki ± 0% 5.641Ki ± 0% -1.10% (p=0.000 n=10)
Encryption/encrypt-8192-16 10.20Ki ± 0% 10.14Ki ± 0% -0.61% (p=0.000 n=10)
Decryption/decrypt-1024-16 2.781Ki ± 0% 1.875Ki ± 0% -32.58% (p=0.000 n=10)
Decryption/decrypt-4096-16 5.781Ki ± 0% 4.875Ki ± 0% -15.68% (p=0.000 n=10)
Decryption/decrypt-8192-16 9.781Ki ± 0% 8.875Ki ± 0% -9.27% (p=0.000 n=10)
geomean 5.166Ki 4.590Ki -11.16%
│ /tmp/before │ /tmp/after │
│ allocs/op │ allocs/op vs base │
Encryption/encrypt-1024-16 9.000 ± 0% 7.000 ± 0% -22.22% (p=0.000 n=10)
Encryption/encrypt-4096-16 9.000 ± 0% 7.000 ± 0% -22.22% (p=0.000 n=10)
Encryption/encrypt-8192-16 9.000 ± 0% 7.000 ± 0% -22.22% (p=0.000 n=10)
Decryption/decrypt-1024-16 12.000 ± 0% 6.000 ± 0% -50.00% (p=0.000 n=10)
Decryption/decrypt-4096-16 12.000 ± 0% 6.000 ± 0% -50.00% (p=0.000 n=10)
Decryption/decrypt-8192-16 12.000 ± 0% 6.000 ± 0% -50.00% (p=0.000 n=10)
geomean 10.39 6.481 -37.64%
Signed-off-by: Paulo Gomes <pjbgf@linux.com>
moio
reviewed
Jul 1, 2024
There was a problem hiding this comment.
Great work @pjbgf , thank you very much for it!
Simpler code, better perf, better test coverage, better security... is there anything more I can really ask for? 😉 really appreciated!
There are a few nitpicks/cosmetic suggestions and only one nontrivial question on pkg/cache/sql/store/store.go - although that's definitely not a deal breaker in any case.
Once that is answered this is ready for my approval and will go to the Frameworks team for another round of review.
Signed-off-by: Paulo Gomes <pjbgf@linux.com>
|
I believe I worked through all the feedback on the new commit. The PR description is now updated with uint32 keyID and the latest benchstat. PTAL |
Signed-off-by: Silvio Moioli <silvio@moioli.net>
Signed-off-by: Silvio Moioli <silvio@moioli.net>
Signed-off-by: Silvio Moioli <silvio@moioli.net>
Signed-off-by: Silvio Moioli <silvio@moioli.net>
moio
approved these changes
Jul 2, 2024
Signed-off-by: Silvio Moioli <silvio@moioli.net>
Signed-off-by: Silvio Moioli <silvio@moioli.net>
Signed-off-by: Silvio Moioli <silvio@moioli.net>
tomleb
reviewed
Jul 3, 2024
There was a problem hiding this comment.
Overall looks good.
One concern on memory leaks and one missing lock call.
I'm not super confident with the mocks tests (not your fault) since in the past we've had passing unit tests but the code would fail to run because the integration of sql queries & encryptor was missing some parameters in the SQL. (We've already identified we'd like to have more integration tests for this). So, was this change compiled + tested by running Rancher? That'd make me more confident about the changes here.
moio
requested changes
Jul 4, 2024
Signed-off-by: Paulo Gomes <pjbgf@linux.com>
Signed-off-by: Paulo Gomes <pjbgf@linux.com>
Signed-off-by: Paulo Gomes <pjbgf@linux.com>
moio
approved these changes
Jul 4, 2024
|
Thanks for the persistence @pjbgf - latest fixes address all my concerns now FWIW I have also run the integration tests and they are all green rancher/rancher#46015 |
tomleb
approved these changes
Jul 4, 2024
10 tasks
krunalhinguu
pushed a commit
to krunalhinguu/lasso
that referenced
this pull request
Sep 18, 2024
Move away from key hierarchy keys, into a simpler data slicing instead. The use of key hierarchy, saving the DEKs alongside the data, is very effective when there is a need for long-term storage. As Lasso's KEK is not persisted externally, once the instance restarts the encrypted data can no longer be used as the DEKs can't be decrypted. Due to that, a more performant approach would be do away with the KEK, and keep all the DEKs in memory. The encrypted data now has a keyID, as opposed to having an encrypted DEK and its nonce. Signed-off-by: Paulo Gomes <pjbgf@linux.com> Signed-off-by: Silvio Moioli <silvio@moioli.net> Co-authored-by: Silvio Moioli <silvio@moioli.net>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Move away from key hierarchy keys, into simpler data slicing instead.
The use of key hierarchy, saving the DEKs alongside the data, is very
effective when there is a need for long-term storage. As Lasso's KEK is
not persisted externally, once the instance restarts the encrypted data
can no longer be used as the DEKs can't be decrypted.
Due to that, a more performant approach would be do away with the KEK, and
keep all the DEKs in memory. The stored data now has an uint32 keyID, as opposed
to having an encrypted DEK and its nonce - saving 40 bytes per row.
As a result, the encryption process had a throughput increase of ~260MB/s
and a 22% decrease in allocations. Conversely, the decryption process had
throughput increase of ~400MB/s and a 50% decrease in allocations.