Directory ApacheDS / DIRSERVER-2338

Using a static IV in symmetric encryption with CBC mode

Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.0.AM27
    • Component/s: None
    • Labels: Patch

    Description

      Vulnerability Description

      In file directory-server/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java (https://github.com/apache/directory-server/blob/master/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java), a hardcoded IV (at Line 161) is used to initialize the cipher (at Line 165, Line 169).

      Security Impact:

      The IV of CBC mode is expected to be random. The static IV makes the resulting ciphertext much more predictable and susceptible to a dictionary attack.

      Useful Resources:

      https://cwe.mitre.org/data/definitions/338.html

      Solution we suggest

      Generate the IV bytes through SecureRandom.

      Please share with us your opinions/comments if there are any.

      Is the bug report helpful?

          People

            Assignee: coheigea Colm O hEigeartaigh
            Reporter: yaxiao Ya Xiao
            Votes: 0
            Watchers: 3