[teiid-issues] [JBoss JIRA] (TEIID-4663) Support a more secure block mode for client/server encryption
Johnathon Lee (JIRA)
issues at jboss.org
Fri May 5 19:30:00 EDT 2017
[ https://issues.jboss.org/browse/TEIID-4663?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Johnathon Lee updated TEIID-4663:
---------------------------------
Fix Version/s: 8.12.11.6_3
> Support a more secure block mode for client/server encryption
> -------------------------------------------------------------
>
> Key: TEIID-4663
> URL: https://issues.jboss.org/browse/TEIID-4663
> Project: Teiid
> Issue Type: Quality Risk
> Components: JDBC Driver, Server
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Fix For: 9.0.6, 9.1.2, 9.2, 8.12.11.6_3
>
>
> ECB is the current default for the socket transport encryption of secure messages. While this is relatively ok for small messages as we also have a message key acting as a CTR counter to some of the blocks, it does not provide strong security - especially for large data volume scenarios, such as when using larger login payloads or the secure requests option. We should default instead to CBC with an explicit initialization vector.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the teiid-issues
mailing list