The NameNode gives the client the address of the first Data Node to read or write the
block. The actual data transfer between the client and the DataNode is over Hadoop's
Data Transfer Protocol. To encrypt this protocol you must set
dfs.encryt.data.transfer=true
on the NameNode and all DataNodes. The actual algorithm used
for encryption can be customized with dfs.encrypt.data.transfer.algorithm
set to either
"3des" or "rc4". If nothing is set, then the default on the system is used (usually
3DES.) While 3DES is more cryptographically secure, RC4 is substantially faster.