[jboss-jira] [JBoss JIRA] (JGRP-2315) ASYNC_ENCRYPT: Race condition in cipher queue usage can cause message decryption failures
Bela Ban (Jira)
issues at jboss.org
Thu Nov 29 13:02:00 EST 2018
[ https://issues.jboss.org/browse/JGRP-2315?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bela Ban updated JGRP-2315:
---------------------------
Fix Version/s: 4.0.16
> ASYNC_ENCRYPT: Race condition in cipher queue usage can cause message decryption failures
> -----------------------------------------------------------------------------------------
>
> Key: JGRP-2315
> URL: https://issues.jboss.org/browse/JGRP-2315
> Project: JGroups
> Issue Type: Bug
> Affects Versions: 4.0.15
> Reporter: Paul Ferraro
> Assignee: Paul Ferraro
> Priority: Major
> Fix For: 4.0.16
>
>
> If a message is received that needs to be decrypted, or if a message need to be encrypted, a cipher is taken from the queue. However, if a new coordinator concurrently sends a new secret key, it will clear and recreate the cipher queues. If the previous operation then puts its cipher back on the queue, the queue will now contain a cipher with the old secret key. This will result in random message decryption failures when a message encryption/decryption pulls the outdated cipher from the queue.
> While this is mitigated somewhat by the caching of old cipher versions, newly joined members do not have the ability to read messages encrypted by outdated ciphers.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list