[CASSANDRA-11809] IV misuse in commit log encryption - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Normal
Resolution: Unresolved
Fix Version/s: 3.11.x
Component/s: None
Labels:
None

Severity:
Normal

Description

Commit log segments share iv values between encrypted chunks. The cipher should be reinitialized with a new iv for each discrete piece of data it encrypts, otherwise it gives attackers something to compare between chunks of data. Also, some cipher configurations don't support initialization vectors ('AES/ECB/NoPadding'), so some logic should be added to determine if the cipher should be initialized with an iv.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Blake Eggleston

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/May/16 15:52

Updated:: 16/Apr/19 09:30