[jboss-jira] [JBoss JIRA] (JGRP-2386) Support for encryption ciphers that require an initialization vector

Support for encryption ciphers that require an initialization vector -------------------------------------------------------------------- Key: JGRP-2386 URL: https://issues.jboss.org/browse/JGRP-2386 Project: JGroups Issue Type: Enhancement Affects Versions: 4.1.5, 3.6.19 Reporter: Nick Sawadsky Assignee: Bela Ban Priority: Minor Fix For: 4.1.6 By default, Encrypt sets sym_algorithm to "AES". As a result, the default cipher mode is used, which is ECB. ECB encrypts a given plaintext block to the same ciphertext every time, which can allow attackers to see [patterns in messages being exchanged|https://crypto.stackexchange.com/questions/20941/why-shouldnt-i...]. Modes like CBC, that use a random initialization vector (IV) avoid this problem (assuming a different IV is used for each message). It would be good to modify Encrypt to support ciphers that require an IV, such as AES/CBC/PKCS5Padding.