Kyoto Tycoon Secure Replication

Kyoto Tycoon, a distributed key-value store developed by FAL Labs, is used extensively at CloudFlare for replicating data from Postgres Database to its 30 global data centers. To ensure eventual consistency and guarantee ordering, it uses timestamp-based replication. However, the original design of Kyoto Tycoon had data replicated across the Internet in plaintext. In response to increased concerns about data security, CloudFlare has implemented a mutually-authenticated encryption tunnel for data replication using TLS mutual authentication and OpenSSL. The source code for these changes is now available on Github.