[jboss-jira] [JBoss JIRA] (JGRP-2386) Support for encryption algorithms that require an IV
Nick Sawadsky (Jira)
issues at jboss.org
Mon Sep 23 17:21:00 EDT 2019
Nick Sawadsky created JGRP-2386:
-----------------------------------
Summary: Support for encryption algorithms that require an IV
Key: JGRP-2386
URL: https://issues.jboss.org/browse/JGRP-2386
Project: JGroups
Issue Type: Enhancement
Affects Versions: 3.6.19, 4.1.5
Reporter: Nick Sawadsky
Assignee: Bela Ban
By default, Encrypt sets sym_algorithm to "AES". As a result, the default cipher mode is used, which is ECB. ECB encrypts the same plaintext block to the same ciphertext every time, which can give attackers insight into the types of messages being exchanged.
Modes like CBC, that use a random initialization vector (IV) are not susceptible to this problem, except in the case where a given IV is reused with the same key.
It would be good to modify Encrypt to support ciphers that require an IV, such as AES/CBC/PKCS5Padding.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list