Encrypted Workload Keys #30

Open
eostermueller opened this issue Mar 14, 2020 · 0 comments
Labels
enhancement New feature or request

eostermueller commented Mar 14, 2020

Need a java component that will encrypt and decrypt a json blob of text that is a few 1000 bytes.
I'd really like this to be done using jasypt which is a well-thought-out approach to the whole process.....configuration for names of encryption algorithms, approaches for getting the 'salt', encryption library dependencies, command line tools for encryption/decryption, etc...

A teacher/administrator must be able to specify a secret encryption key at snail4j startup. This key will be used on the java side to decrypt the encrypted text that the user enters into the GUI.

The teacher/administrator must also have a command line facility that encrypts a workload key given that secret key.

Without this enhancement, the snail4j Angular UI shows the class and method name of the running code/workload.
With this enhancement, the end user will paste an encrypted key into the user interface, and snail4j will run the mystery code specified by the encrypted key. The UI will obscure/hide the name of the class/method name.

Detail:

  1. The teacher will use snail4j to create/assemble a plain-text workload key with the desired java processing.
  2. The teacher will use the command line facility to encrypt the plain-text workload key.
  3. The teacher will distribute the encrypted keys to the student in a plain text document, along with documentation on how to use that key with Snail4j. The doc will also "solicit predictions", as detailed below.
  4. The end user will go to a new screen in snail4j, dial in the encrypted key, and the SUT. Once text is pasted into snail4j, but before the user submits the text to the snail4j agent, the GUI will validate whether the key is "good" -- aka, decryptable using the secret key specified at the snail4j command line uber startup.
  5. Once snail4j GUI sends that key to the snail4j java agent, the snail4j java agent will decrypt the encrypted workload key using the "secret key" specified at snail4j startup as a command line parameter.
  6. Once decrypted, snail4j will then run the specified workload.
  7. To avoid spoiling the secret, the snail4j UI will hide/obscure the normal GUI

Use Case: Invalid Encrypted Key.

This use case also needs to handle an invalid key.
For example, say the user doesn't copy all the text of the key from the 'doc' given to them by their teacher. Or, say, the teacher gives them a key, and when the snail4j uber jar was launched, it was not given the "secret key", the one that decrypts the text provided by the end user.

Use Case / Background

Snail4j aims to teach java performance to all java developers. I interview java developers a few times a year, and there just aren't enough of them with basic performance skills. But also, our approaches to teaching performance skills aren't cranking out a lot of skilled people.

But snail4j is just software, how exactly will it "teach"? In short, it will solicit predictions from the end user.

Here are a few different approaches, where the user is solicited (asked) to make various predictions.

  • Which code will run faster, the code that uses technique A or technique B? Given a few encrypted workload keys, the user is asked to say which one uses technique A, and which uses technique B.
  • User is asked to use Snail4j to run a particular workload and asked what is taking up most of the time? If the key to specify that workload is opaque/encrypted, the user will be forced to learn how to use tools to discover the problem.
  • User is asked what the developer of workload 2 did to make it so much faster than workload 1.

With an encrypted "workload key", the user won't be able to directly inspect the source code, because the class names in the "workload key" will be opaque/encrypted.
This helps force the user to install/learn/use monitoring/observability tools to build an evidence-based story about what's processing, instead of using the source code as a crutch and taking guesses by peeking at the source code.

Here is an example of a clear text workload key that needs to be encrypted:

{
    "useCases": [
      {
        "processingUnits": [
          {
            "description": {
              "en_US": "sleep ms 100"
            },
            "useCaseName": "sleep",
            "selected": true,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSlowCode_sleepMilliseconds_100"
            }
          },
          {
            "description": {
              "en_US": "sleep ms 1"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSlowCode_sleepMilliseconds_1"
            }
          },
          {
            "description": {
              "en_US": "sync sleep ms 10"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSynchronizedSlowCode_sleepMilliseconds_10"
            }
          },
          {
            "description": {
              "en_US": "sleep ms 10"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSlowCode_sleepMilliseconds_10"
            }
          },
          {
            "description": {
              "en_US": "sleep ms 1000"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSlowCode_sleepMilliseconds_1000"
            }
          },
          {
            "description": {
              "en_US": "sync sleep ms 1000"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSynchronizedSlowCode_sleepMilliseconds_1000"
            }
          },
          {
            "description": {
              "en_US": "sync sleep ms 1"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSynchronizedSlowCode_sleepMilliseconds_1"
            }
          },
          {
            "description": {
              "en_US": "sync sleep ms 100"
            },
            "useCaseName": "sleep",
            "selected": false,
            "methodWrapper": {
              "parameters": [],
              "declaringClassName": "com.github.eostermueller.tjp2.misc.SleepDelay",
              "methodName": "simulateSynchronizedSlowCode_sleepMilliseconds_100"
            }
          }
        ],
        "name": "sleep"
      }
    ]
  }

@eostermueller eostermueller added the enhancement New feature or request label Mar 14, 2020
eostermueller added a commit that referenced this issue Nov 6, 2020
eostermueller added a commit that referenced this issue Aug 20, 2022
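One way the encrypt/decrypt component and the invalid-key use case described in this issue could look with jasypt, as an added example that is not code from snail4j or its author. It assumes jasypt 1.9.3 on the classpath; the class name `WorkloadKeyCodec`, its methods, the secrets and the shortened JSON are hypothetical or constructed.

```java
import java.util.Optional;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.exceptions.EncryptionOperationNotPossibleException;
import org.jasypt.iv.RandomIvGenerator;

/** Hypothetical helper; class and method names are not taken from snail4j. */
public class WorkloadKeyCodec {
    private final StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();

    /** secretKey is the value the teacher/administrator supplies at startup. */
    public WorkloadKeyCodec(String secretKey) {
        encryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256"); // JCE name, Java 8+
        encryptor.setIvGenerator(new RandomIvGenerator());     // fresh IV per message
        encryptor.setPassword(secretKey);
        // jasypt defaults: random salt per message, Base64 text output.
    }

    /** Teacher side: what the command line facility would call. */
    public String encrypt(String plainWorkloadKey) {
        return encryptor.encrypt(plainWorkloadKey);
    }

    /** Agent side: empty result covers a truncated paste and a wrong secret alike. */
    public Optional<String> decrypt(String pastedKey) {
        try {
            String json = encryptor.decrypt(pastedKey.trim());
            // This algorithm is AES-CBC without a MAC: a passing padding check is
            // not proof of integrity, so also sanity-check the decrypted payload.
            return json.contains("\"useCases\"") ? Optional.of(json) : Optional.empty();
        } catch (EncryptionOperationNotPossibleException e) {
            // jasypt deliberately gives no detail about why decryption failed.
            return Optional.empty();
        }
    }

    public static void main(String[] args) {
        String plain = "{\"useCases\":[{\"name\":\"sleep\"}]}"; // constructed, shortened
        WorkloadKeyCodec teacher = new WorkloadKeyCodec("constructed-secret-1");
        String encrypted = teacher.encrypt(plain);

        String truncated = encrypted.substring(0, encrypted.length() / 2);
        WorkloadKeyCodec wrongSecret = new WorkloadKeyCodec("constructed-secret-2");

        System.out.println("good key:     " + teacher.decrypt(encrypted).isPresent());
        System.out.println("truncated:    " + teacher.decrypt(truncated).isPresent());
        System.out.println("wrong secret: " + wrongSecret.decrypt(encrypted).isPresent());
    }
}
```

Because the secret exists only in the Java process, the GUI's "is this key good" check in step 4 has to be a call to the agent that returns nothing more than the boolean, so neither the secret nor the decrypted class and method names reach the browser.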