Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-12275

Client-side file data encryption


    • Type: New Feature
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: Lustre 2.14.0
    • Fix Version/s: Lustre 2.14.0
    • Labels:
    • Rank (Obsolete):


      This ticket is a place-holder to describe work to be done for client-side encryption.

      The high-level requirements are the following:

      • encrypt file content
      • encrypt file name
      • have a master key for encryption
        • per-file encryption key derived from master key
        • file data is no longer accessible after file is deleted
      • able to change the user key without re-encrypting files
      • deny access to encrypted data when master key is removed from memory on the client
      • work in "batch scheduler" mode

      We are proposing to address these requirements by:

      So the workflow would be the following:

      • applications see clear text
      • data is encrypted before being sent to servers
        • then remain untouched
      • data is decrypted upon receipt from servers
        • untouched before that
      • servers only see encrypted data
        • but do not need to be aware of it
      • only client nodes have access to encryption keys

      Further details will be added as the feature design makes progress.


        1. lustre_encryption_access_semantics.txt
          6 kB
          Sebastien Buisson
        2. lustre_encryption_key_hierarchy.txt
          5 kB
          Sebastien Buisson
        3. lustre_encryption_modes_usage.txt
          4 kB
          Sebastien Buisson
        4. lustre_encryption_threat_model.txt
          7 kB
          Sebastien Buisson

          Issue Links



              • Assignee:
                sebastien Sebastien Buisson
                sebastien Sebastien Buisson
              • Votes:
                0 Vote for this issue
                9 Start watching this issue


                • Created: