[jboss-jira] [JBoss JIRA] (JGRP-2386) Support for encryption ciphers that require an initialization vector
Bela Ban (Jira)
issues at jboss.org
Wed Oct 2 03:08:00 EDT 2019
[ https://issues.jboss.org/browse/JGRP-2386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bela Ban updated JGRP-2386:
---------------------------
Fix Version/s: 4.1.6
> Support for encryption ciphers that require an initialization vector
> --------------------------------------------------------------------
>
> Key: JGRP-2386
> URL: https://issues.jboss.org/browse/JGRP-2386
> Project: JGroups
> Issue Type: Enhancement
> Affects Versions: 4.1.5, 3.6.19
> Reporter: Nick Sawadsky
> Assignee: Bela Ban
> Priority: Minor
> Fix For: 4.1.6
>
>
> By default, Encrypt sets sym_algorithm to "AES". As a result, the default cipher mode is used, which is ECB. ECB encrypts a given plaintext block to the same ciphertext every time, which can allow attackers to see [patterns in messages being exchanged|https://crypto.stackexchange.com/questions/20941/why-shouldnt-i-use-ecb-encryption].
> Modes like CBC, that use a random initialization vector (IV) avoid this problem (assuming a different IV is used for each message).
> It would be good to modify Encrypt to support ciphers that require an IV, such as AES/CBC/PKCS5Padding.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list