[Glass] Some basic internal questions about Encryption

Norm Green norm.green at gemtalksystems.com
Thu May 13 10:16:57 PDT 2021

Hi Bruno,

Each extent and tranlog has it's own (symmetric) session key, stored in 
the file in encrypted format.
Each session keys for each extent and tranlog is (asymetric) encrypted 
with the same public key and (asymetric) decrypted with the same private 
key (the private key used to start the stone).
So you only need 1 public/private key pair to access any extent or 
tranlog, but the session key for each extent or tranlog is different.

Does that make sense?


On 5/13/2021 10:07 AM, Bruno Buzzi Brassesco via Glass wrote:
> Hi,
> After reading the SysAdminGuide on encryption I have a couple of 
> questions to clarify some concepts:
> 1) Are Tranlogs encrypted with the same key passed as argument to 
> startstone ?
> (I think not, from manual:"Transaction logs written by a Stone using 
> encrypted extents are written in encrypted form, using the same 
> keypair as the extents.")
> Maybe my confusion is with the Sessions keys of each extent...
> 2) If there are multiple extents then which key pair is used to 
> encrypt the tranlog ?
> (because each extent has it own key, from manual: "Each extent has its 
> own unique session key.")
> regards,
> bruno
> _______________________________________________
> Glass mailing list
> Glass at lists.gemtalksystems.com
> https://lists.gemtalksystems.com/mailman/listinfo/glass

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gemtalksystems.com/mailman/private/glass/attachments/20210513/6ee5b1cd/attachment.htm>

More information about the Glass mailing list