[teiid-issues] [JBoss JIRA] (TEIID-4663) Support a more secure block mode for client/server encryption
Steven Hawkins (JIRA)
issues at jboss.org
Fri Dec 23 13:07:00 EST 2016
Steven Hawkins created TEIID-4663:
-------------------------------------
Summary: Support a more secure block mode for client/server encryption
Key: TEIID-4663
URL: https://issues.jboss.org/browse/TEIID-4663
Project: Teiid
Issue Type: Quality Risk
Components: JDBC Driver, Server
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Fix For: 9.0.6, 9.1.2, 9.2
ECB is the current default for the socket transport encryption of secure messages. While this is relatively ok for small messages as we also have a message key acting as a CTR counter to some of the blocks, it does not provide strong security - especially for large data volume scenarios, such as when using larger login payloads or the secure requests option. We should default instead to CBC with an explicit initialization vector.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the teiid-issues
mailing list