Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-5622

Reduce the chance for hash collisions when checking bootPassword at boot time and when changing password.

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 10.8.3.0, 10.9.2.2, 10.10.1.1
    • Store
    • None
    • Data corruption, Security

    Description

      There are two issues, already seen in DERBY-2687:

      "the boot issue": there is a 1/2**16 chance that a wrong bootPassword will allow boot to proceed (but since its decoded key is wrong the boot will fail).
      "the password change" issue: similarly, there is a chance that the wrong bootPassword will be accepted trying to change it via
      SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', ...) at least for algorithms that do not check IV (initialization vector) in addition to the
      digest, e.g. "DES/ECB/NoPadding"

      The latter case may lead to data corruption, cf. DERBY-2687 discussion. I think the risk is fairly low, though: One would need to have execution permission to change the property if SQL authorization is used, and in most scenarios the supplied existing password would be correct. But since the results can be bad, it would be good to reduce or eliminate the risk.

      Attachments

        1. derby-5622-01-aa-decryptEncryptedSample.diff
          3 kB
          Richard N. Hillegas
        2. derby-5622-instrumentation.diff
          2 kB
          Dag H. Wanvik
        3. derby-5622-repro.sql
          0.4 kB
          Richard N. Hillegas
        4. derby-5622-TT-fixWithTestScaffolding.diff
          4 kB
          Richard N. Hillegas
        5. repro.sh
          1 kB
          Dag H. Wanvik

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. DERBY-2687 store/encryptDatabase.sql fails intermittently with ClassNotFoundException, Log Corrupted

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. DERBY-5805 Database encryption topics in Reference Manual need more information

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Unassigned Unassigned
              dagw Dag H. Wanvik
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: