Details
-
Bug
-
Status: Open
-
Normal
-
Resolution: Unresolved
-
None
-
None
-
Normal
Description
Commit log segments share iv values between encrypted chunks. The cipher should be reinitialized with a new iv for each discrete piece of data it encrypts, otherwise it gives attackers something to compare between chunks of data. Also, some cipher configurations don't support initialization vectors ('AES/ECB/NoPadding'), so some logic should be added to determine if the cipher should be initialized with an iv.