docs: add document for AI models security enhancement #154
Conversation
|
Maybe we also add some refer link to this markdown page in README? |
yes, let's review the content and title first. |
| - Register key to Key Broker Service (KBS), and KBS communicates with key management service (KMS) to store the key. | ||
|
|
||
|
|
||
| ### 1.2 Confidential Cloud Native Primitives (CCNP) |
There was a problem hiding this comment.
See this document, seems to be CNCF style to not use hyphen:
https://github.com/cncf/foundation/blob/main/style-guide.md
There was a problem hiding this comment.
@hwang37 what are your suggestions on this? Cloud Native or Cloud-Native?
There was a problem hiding this comment.
I remember Hongbo mentioned it is some hyphen added by legal. So it will be our official name.
|
|
||
| ### 2.1 Mode Encryption | ||
|
|
||
| AES GCM is a widely used encryption algorithm and mode of operation for securing data, particularly in network communications and data storage. It combines two important cryptographic techniques: AES and GCM. AES is a symmetric encryption algorithm that uses a shared secret key for both encryption and decryption. GCM is based on a combination of CTR and GMAC, this combination ensures that not only is the data encrypted, but it also includes an authentication tag that allows the recipient to verify the integrity of the data. |
There was a problem hiding this comment.
AES-GCM is a widely used block cipher mode of operation ....
And regarding the introduction of GCM, i remember it is an algorithm that runs on a block cipher with block size 128 bits(mainly AES). And GMAC is the authentication-only variant of GCM. Please take the NIST publication as reference. https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38d.pdf
There was a problem hiding this comment.
GMAC is the authentication-only variant of GCM, and GCM is based on a combination of CTR and GMAC, this should be ok, right?
dongx1x
force-pushed
the
model-doc
branch
2 times, most recently
from
dd6c133
to
387bda6
Compare
| - Register key to Key Broker Service (KBS), and KBS communicates with key management service (KMS) to store the key. | ||
|
|
||
|
|
||
| ### 1.2 Confidential Cloud Native Primitives (CCNP) |
There was a problem hiding this comment.
See this document, seems to be CNCF style to not use hyphen:
https://github.com/cncf/foundation/blob/main/style-guide.md
dongx1x
force-pushed
the
model-doc
branch
5 times, most recently
from
d13c84e
to
6452b00
Compare
|
LGTM |
Signed-off-by: Dong, Xiaocheng <[email protected]>
No description provided.