[jboss-jira] [JBoss JIRA] (JGRP-2274) ASYM_ENCRYPT: deprecate sign_msgs
Nick Sawadsky (Jira)
issues at jboss.org
Wed Aug 21 14:02:00 EDT 2019
[ https://issues.jboss.org/browse/JGRP-2274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13773734#comment-13773734 ]
Nick Sawadsky commented on JGRP-2274:
-------------------------------------
[~belaban] I understand the reasoning about putting integrity-checking in a different protocol. That would probably be more work than I could take on.
But if you're open to a pull request for adding GCM support in Encrypt, I think that's something I could tackle. The goal would be to allow the mode and padding to be configured, in addition to the basic encryption algorithm (e.g. AES). I'll create an enhancement request for that and start working on the change, if you're okay with the basic idea.
> ASYM_ENCRYPT: deprecate sign_msgs
> ---------------------------------
>
> Key: JGRP-2274
> URL: https://issues.jboss.org/browse/JGRP-2274
> Project: JGroups
> Issue Type: Enhancement
> Reporter: Bela Ban
> Assignee: Bela Ban
> Priority: Major
> Fix For: 4.0.12
>
>
> In {{ASYM_ENCRYPT}}, signing messages means that the checksum of an encrypted message is computed and used together with the secret key of the sender to sign the message. On the receiver side, the public key of the sender is used to validate the signature.
> However, this is redundant, as decryption of a message will fail if the contents have been changed.
> If needed, signing of messages can be done in a separate protocol.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list