lucene-solr icon indicating copy to clipboard operation
lucene-solr copied to clipboard
verified publisher icon apache

LUCENE-9379: Encrypting Directory - functional but to optimize

Open bruno-roustant opened this issue 5 years ago • 3 comments

Performance issue because of too many new Ciphers when slicing IndexInput. javax.crypto.Cipher is heavy weight to create and is stateful. I tried a CipherPool, but actually there are many cases where we need to get lots of slices of the IndexInput so we have to create lots of new stateful Cipher. The pool turns out to be a no-go, there are too many Cipher in it.

[Update] Now there is a lighter alternative to Cipher: LightAesCtrEncrypter. It has light constructor, initialization and cloning. And all tests pass.

bruno-roustant avatar Jun 24 '20 14:06 bruno-roustant

I'm -1 to this approach because it breaks the use of the OS cache (I stated this on the JIRA issue, it was ignored, I don't want anyone to forget).

Because we use the os filesystem cache, any encryption must also be done by os (filesystem, block level, etc) so that page caching works correctly.

rmuir avatar Jul 02 '20 10:07 rmuir

Lets use JIRA ( LUCENE-9379 ) to discuss higher level concerns and GitHub code reviews for code details.

dsmiley avatar Jul 02 '20 18:07 dsmiley

@bruno-roustant we tried to integrate your FileEncryptingDirectory in our use case. We before already did own attempts for a similar goal and in order to test it thoroughly we subclassed the org.apache.lucene.store.BaseDirectoryTestCase and gave an overwritten getDirectory() to instantiate the FileEncryptingDirectory.

Doing this, 2 tests were failing (not all the time, but most of the time):

  1. testThreadSafetyInListAll
  2. testSliceOfSlice

Maybe you have an idea how to fix this ?

martin-huber avatar May 27 '21 14:05 martin-huber