[jboss-jira] [JBoss JIRA] (JGRP-1897) ENCRYPT might drop messages during key change

Tero Leppikangas (JIRA) issues at jboss.org
Thu Dec 4 07:28:39 EST 2014 

    [ https://issues.jboss.org/browse/JGRP-1897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13025146#comment-13025146 ] 

Tero Leppikangas commented on JGRP-1897:
----------------------------------------

When starting to queue up messages when receiving a message with unknown cipher cannot work in situations where the joining node receives multicast messages encrypted (with previous key) after it already has acquired the new cipher, so the queuing solution is invalid.
Currently we decided to drop ENCRYPT from our stack and to figure out a way to encrypt data at some later point since using ENCRYPT with changing symmetric ciphers above AUTH is not working.
For me it is ok to resolve this with won't fix.

> ENCRYPT might drop messages during key change
> ---------------------------------------------
>
>                 Key: JGRP-1897
>                 URL: https://issues.jboss.org/browse/JGRP-1897
>             Project: JGroups
>          Issue Type: Bug
>            Reporter: Tero Leppikangas
>            Assignee: Bela Ban
>             Fix For: 3.6.2
>
>
> ENCRYPT might drop some (unicast) messages encrypted with unknown key if the delivery of new view is delayed.
> This problem was noticed while doing some stress testing on the fix for JGRP-1893.
> When view changes, coordinator multicasts the new view after which is starts using new symmetric keys. If some node receives a message sent with the new key before the new view is received, the received message will be dropped since it cannot be decrypted.
> We thought of possible solutions to be.
> 1. Sender specific queue holding the messages received.
> 2. Starting to queue up messages until new view has been received
> I have implemented the second option which is quite straightforward, but it could lead into problems when receiving message with unknown key that is not related to coming view change.
> I wonder if there is another way to overcome this problem?



--
This message was sent by Atlassian JIRA
(v6.3.8#6338)

More information about the jboss-jira mailing list