Re: [PR] Spec additions for encryption [iceberg]

Sun, 23 Feb 2025 08:20:47 -0800 


smaheshwar-pltr commented on code in PR #12162:
URL: https://github.com/apache/iceberg/pull/12162#discussion_r1966827127


##########
format/spec.md:
##########
@@ -975,6 +978,23 @@ The unified partition type looks like `Struct<field#1, 
field#2, field#3>`.
 and then the table has evolved into `spec#1` which has just one field 
`{field#2}`.
 The unified partition type looks like `Struct<field#1, field#2>`.
 
+#### Encryption Keys
+
+Encryption keys and metadata required for decrypting the manifest list files 
in encrypted tables.
+There are two types of entries:
+1. `key-metadata`: serialized key-metadata of the encrypted manifest list 
files. The key-metadata objects include encryption keys and other fields 
required to decrypt a file. Since these objects are sensitive, the serialized 
key-metadata byte arrays are encrypted by another key. The encryption is done 
via the integrity-preserving AES GCM cipher, using the snapshot ID as the AAD 
(additional authentication data) parameter. The result of the encryption is 
converted to a string via base64 encoding.
+2. `key`: the AES GCM key that encrypts the manifest list key-metadata. Since 
these keys are sensitive, they are wrapped/encrypted in a Key Management 
Service (KMS), using the table master key. The result of the wrapping is 
converted to a string via base64 encoding.

Review Comment:
   ```suggestion
   2. `key`: the AES GCM key that encrypts the manifest list key-metadata. 
Since these keys are sensitive, they are encrypted, or "wrapped", by a Key 
Management Service (KMS), using the table master key. KMS-wrapped keys are 
converted to strings via base64 encoding.
   ```
   
   maybe defines "KMS-wrapping" a bit more clearly?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For additional commands, e-mail: issues-h...@iceberg.apache.org

Reply via email to