gitlab-com-seaweedfs/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2024-01-19 02:48:24 +00:00
Code Issues Projects Releases Wiki Activity

Updated Filer Data Encryption (markdown)

Chris Lu 2020-03-06 09:11:12 -08:00
parent 31a72ae842
commit 5369cc7d23
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
Filer-Data-Encryption.md

@ -13,5 +13,10 @@ So the volume data on the volume servers are encrypted and should be safe. As lo
### Safely Forget Data
Another side is, with GDPR, companies are required to "forget" customer data after some time. If the volume data is stored on a glacial storage system, it is cumbersome to dig them out and destroy them. It is much easier to just delete the metadata, and the volume data is automatically "destroyed".
### Encryption Algorithm
The encryption is through GCM https://en.wikipedia.org/wiki/Galois/Counter_Mode
There is one randomly generated cipher key of 256 bits for each file chunk. One file has one or many file chunks. By default the chunk size is 32MB. The cipher code is here https://github.com/chrislusf/seaweedfs/blob/master/weed/util/cipher.go
### Note
The volume servers are agnostic to encryption. There are no encryption if you only use master and volume servers as an object store.