In distributed clusters of computing nodes it is frequently desirable to provide communications security for message traffic between nodes. Messages can be differentiated between control messages and user messages. Control messages are usually sent between system management software agents on the nodes which comprise the cluster to manipulate the state of the cluster and the nodes while user messages usually transmit application data via the cluster's communication facilities between application agents on the nodes.
Each message can usually be viewed as consisting of header information and payload. The header information usually contains data which controls the passage of the message through the cluster's communication facilities. The payload usually contains the information which the message is transmitting between two endpoint agents, which may be either system management or application entities.
Security can be provided across each of these dimensions in several ways. For example, encryption may be used where the byte sequence comprising a component of a message is permuted in some way by use of a function which takes the byte sequence and applies some permuting factor, usually called a key. The permuted byte sequence is then transmitted as the content of that component of the message, and the recipient of the message applies a complementary function and key to acquire the original byte sequence from the received permuted sequence. This provides data privacy in that the original value of the message component may only by acquired by actors that know the permuting key.
In addition, some form of signature and verification (authentication) may be used. In authentication, the byte sequence comprising a component of a message is characterized by a mathematical function, such as a checksum. The characterization is then encrypted (as described in the preceding) and the result is embedded in the message along with the unaltered byte sequence which was characterized. The recipient applies the same characterization to the byte sequence, encrypts the result, and compares its encrypted characterization to that embedded in the message. This provides data integrity in that if the two characterizations are equal, the recipient knows that the message data has not been altered.
Many different encryption algorithms exist. Two major subtypes are public key cryptography and shared secret key cryptography. In public key cryptography, a pair of permuting keys e.g. {k1,k2}, is used where each inverts the result of applying the encryption function to a given byte stream using the other key. In other words, a message encrypted using key k1 can be decrypted using key k2 and vice versa.
Typically, each node in a cluster will generate two keys. One, known as the node's “private key” will be kept secret and known only to the node. The other, known as the node's “public key”, will be shared with all other nodes.
Encryption of message content is accomplished by the sender using the public key of the recipient to encrypt the data. The message then can only be decrypted by the recipient's private key, which only the recipient knows.
Authentication may be accomplished by encrypting the message characterization with the sender's private key. All the recipient nodes can then verify the received message (encrypt their corresponding characterization and compare) using the sender's public key and prove that the message not only is unaltered, but also that it was in fact sent by the originator (since no other node's public key will encrypt the recipient's characterization to match the sender's encrypted characterization embedded in the message). Public key types currently in common use (distinguished by key length and permutation function used to encrypt) are RSA-512, RSA-1024, or the like.
In shared secret key cryptography, a single key value is used in a permuting function to encrypt a byte stream. The same key value used with the same function will permute the encrypted stream back to the original.
In a cluster all nodes would share the same secret key value to encrypt and authenticate messages. The key value is thus commonly known to all agents participating in message security within the cluster, but not revealed to any external entities.
Shared secret key cryptography has advantages over public key cryptography in that only one key value is generated, disseminated to and used by all nodes in the computing cluster, rather than a key pair per node. Stated another way, a message encrypted with the shared key by some node can be sent to all nodes and decrypted by them, rather than requiring it to be encrypted separately for each destination node with that node's public key.
In addition, shared secret keys are generally shorter than public/private keys and thus the algorithm used to implement the encryption permutation takes less time to execute on a source message of a given size. Secret key types currently in common use (again distinguished by permutation function and key length) are DES, 3-DES, AES-256, or the like.