[teiid-issues] [JBoss JIRA] (TEIID-4663) Support a more secure block mode for client/server encryption

RH Bugzilla Integration (JIRA) issues at jboss.org
Wed May 17 13:19:00 EDT 2017


     [ https://issues.jboss.org/browse/TEIID-4663?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

RH Bugzilla Integration updated TEIID-4663:
-------------------------------------------
    Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1409823, https://bugzilla.redhat.com/show_bug.cgi?id=1451866
        Bugzilla Update: Perform


> Support a more secure block mode for client/server encryption
> -------------------------------------------------------------
>
>                 Key: TEIID-4663
>                 URL: https://issues.jboss.org/browse/TEIID-4663
>             Project: Teiid
>          Issue Type: Quality Risk
>          Components: JDBC Driver, Server
>            Reporter: Steven Hawkins
>            Assignee: Steven Hawkins
>             Fix For: 9.0.6, 9.1.2, 9.2, 8.12.11.6_3
>
>
> ECB is the current default for the socket transport encryption of secure messages.  While this is relatively ok for small messages as we also have a message key acting as a CTR counter to some of the blocks, it does not provide strong security - especially for large data volume scenarios, such as when using larger login payloads or the secure requests option.  We should default instead to CBC with an explicit initialization vector.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)


More information about the teiid-issues mailing list