[jboss-jira] [JBoss JIRA] (JGRP-2273) ASYM_ENCRYPT: deprecate encrypt_entire_message

Dennis Reed (Jira) issues at jboss.org
Mon Jul 1 00:34:00 EDT 2019 

    [ https://issues.jboss.org/browse/JGRP-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13753774#comment-13753774 ] 

Dennis Reed commented on JGRP-2273:
-----------------------------------

SERIALIZE doesn't work with ASYM_ENCRYPT.

Since it serializes the headers, they're no longer available to ASYM_ENCRYPT.
But it depends on the headers (specifically from GMS) to function correctly.

EncryptTest.testCapturingOfMessageByNonMemberAndResending() didn't detect this because it doesn't add SERIALIZE until after the cluster is already running (and ASYM_ENCRYPT has already intercepted those GMS messages).  But if SERIALIZE is present before the channels start, the cluster is never able to form.

That wasn't an issue with encrypt_entire_message because it checked those headers before serializing.  Moving it to the separate SERIALIZE protocol is going to require some extra hacking to communicate that info between the two protocols.

> ASYM_ENCRYPT: deprecate encrypt_entire_message
> ----------------------------------------------
>
>                 Key: JGRP-2273
>                 URL: https://issues.jboss.org/browse/JGRP-2273
>             Project: JGroups
>          Issue Type: Enhancement
>            Reporter: Bela Ban
>            Assignee: Bela Ban
>            Priority: Major
>             Fix For: 4.0.12
>
>
> In {{ASYM_ENCRYPT}}, {{encrypt_entire_message}} encrypts not only the payload, but also metadata such as destination and sender's address, headers and flags.
> The rationale was to prevent replay attacks. However, this is not an issue, as replayed messages will simply get dropped by the retransmission layer (e.g. NAKACK2 or UNICAST3).
> If people still want this feature, they can write a protocol _above_ {{ASYM_ENCRYPT}}, which serializes the entire message into the payload of a new message, and this would be exactly the same as setting {{encrypt_entire_message}} to {{true}}.



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the jboss-jira mailing list