[MDEV-12041] Implement key rotation for innodb_encrypt_log Created: 2017-02-10  Updated: 2021-09-30  Resolved: 2018-08-13

Status: Closed
Project: MariaDB Server
Component/s: Storage Engine - InnoDB
Fix Version/s: 10.4.0

Type: Task Priority: Major
Reporter: Marko Mäkelä Assignee: Marko Mäkelä
Resolution: Fixed Votes: 1
Labels: None

Issue Links:
Blocks
is blocked by MDEV-11782 Redefine the innodb_encrypt_log format Closed
Problem/Incident
is caused by MDEV-9422 Encrypted redo log checksum errors on... Closed
Relates
relates to MDEV-13044 Do not create a redo log checkpoint a... Closed
relates to MDEV-13318 Crash recovery failure after the serv... Closed
relates to MDEV-14425 Change the InnoDB redo log format to ... Closed
relates to MDEV-21949 key rotation for innodb_encrypt_log i... Closed

 Description   

MDEV-9422 disabled the key rotation for the encrypted InnoDB redo log, because the used approach of writing multiple key metadata to the checkpoint page did not work.

A better approach would seem to be the following:

  • In the redo log checkpoint page, write the current key version identifier.
  • When the redo log key is going to be rotated:
  1. Write a MLOG_KEY_ROTATE record with the information of the new (rotated) key
  2. Pad the end of the log block, and encrypt this block with the old key.
  3. Starting from the next log block, encrypt using the rotated key.

This approach has the problem that writing log involves double buffering, and the log block boundaries are not known until the final copying, which happens under mutex protection. It would be simpler to do the following:

  • In each encrypted log block, write the encryption key version. (This would reduce the 512-byte logical block payload size from 496 to 492 bytes, or from 97% to 96%.)

 Comments   
Comment by Marko Mäkelä [ 2017-09-12 ]

As a part of this work, InnoDB should periodically change the random encryption parameters that are initialized in log_crypt_init(). These parameters could be changed much more frequently than the encryption key. Maybe we should assign and store a random nonce in each redo log block? Maybe the logical redo log block size should be larger than 512 bytes?

Starting with MDEV-13318, log_crypt_init() will only be invoked when rebuilding the redo logs.

Comment by Marko Mäkelä [ 2017-11-21 ]

This could be implemented as part of MDEV-14425 by writing an encryption key ID in each redo log block.

Comment by Marko Mäkelä [ 2018-08-13 ]

Starting with MariaDB 10.4.0, the encrypted InnoDB redo log format will reserve 4 bytes at the end of each 512-byte redo log block for the encryption key version. This allows key rotation at any time. For performance reasons, we will attempt key rotation only when writing log as part of a redo log checkpoint.

Generated at Thu Feb 08 07:54:39 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.