[jboss-jira] [JBoss JIRA] (JGRP-2386) Support for encryption ciphers that require an initialization vector
Nick Sawadsky (Jira)
issues at jboss.org
Mon Sep 23 17:22:00 EDT 2019
[ https://issues.jboss.org/browse/JGRP-2386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nick Sawadsky updated JGRP-2386:
--------------------------------
Summary: Support for encryption ciphers that require an initialization vector (was: Support for encryption ciphers that require an IV)
> Support for encryption ciphers that require an initialization vector
> --------------------------------------------------------------------
>
> Key: JGRP-2386
> URL: https://issues.jboss.org/browse/JGRP-2386
> Project: JGroups
> Issue Type: Enhancement
> Affects Versions: 4.1.5, 3.6.19
> Reporter: Nick Sawadsky
> Assignee: Bela Ban
> Priority: Minor
>
> By default, Encrypt sets sym_algorithm to "AES". As a result, the default cipher mode is used, which is ECB. ECB encrypts the same plaintext block to the same ciphertext every time, which can give attackers insight into the types of messages being exchanged.
> Modes like CBC, that use a random initialization vector (IV) are not susceptible to this problem, except in the case where a given IV is reused with the same key.
> It would be good to modify Encrypt to support ciphers that require an IV, such as AES/CBC/PKCS5Padding.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list