[ https://issues.apache.org/jira/browse/HADOOP-19869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18075665#comment-18075665 ]

ASF GitHub Bot commented on HADOOP-19869:
-----------------------------------------

steveloughran commented on PR #8453:
URL: https://github.com/apache/hadoop/pull/8453#issuecomment-4303851245

   @pan3793 +1 for retiring Jenkins tests GHA can do
   
   @cnauroth this can be backported. It's just the defaults; we'd log as incompatible and say you can change back.
   
   It only affects the shared secrets between running services (MR AM and workers, for example), and then it is static... the AM doesn't verify it can recreate it, just that it got the same back.
   
   The only one I am worried about is HDFS and rolling upgrades. Does a change to key length/algorithm for new shared secrets cause problems?




> Modernize secret manager default algorithm and key length
> ---------------------------------------------------------
>
>                 Key: HADOOP-19869
>                 URL: https://issues.apache.org/jira/browse/HADOOP-19869
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.5.0, 3.4.3
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Minor
>              Labels: pull-request-available
>
> While doing other cleanup, I've noticed that the default checksum algorithm 
> and key length for generating secrets (block tokens, job tokens) are out of 
> date by modern standards. Not broken, just weak.
> Change the defaults to SHA-256 and 256 bits.
> Note that SHA-256 is becoming more vulnerable; not worrying about that as 
> these are ephemeral secrets.
> [https://stateofutopia.com/papers/2/we-broke-92-percent-of-sha-256.html]
> This is the same as setting
> {{hadoop.security.secret-manager.key-length 256}}
> {{hadoop.security.secret-manager.key-generator.algorithm HmacSHA256}}


