Details
- Type: New Feature
- Status: Closed
- Priority: Major
- Resolution: Fixed
Description
What?
Cryptographic algorithm `PBKDF2WithHmacSHA1` is weak and should not be used.
Using broken or weak cryptographic algorithms can leave data vulnerable to being decrypted.
Many cryptographic algorithms provided by cryptography libraries are known to be weak or flawed. Using such an algorithm means that an attacker may be able to easily decrypt the encrypted data.
Recommendation
Ensure that you use a strong, modern cryptographic algorithm. Use at least AES-128 or RSA-2048. Do not use the ECB encryption mode since it is vulnerable to replay and other attacks.
(Found via GitHub code scanning.)
Fix
For blob AES:
-> Default to PBKDF2WithHmacSHA512
-> Allow other algorithms to be configured, including PBKDF2WithHmacSHA1
-> No migration strategy for people who already have encrypted data (they stay on PBKDF2WithHmacSHA1)
For user hashing:
-> Add a new user password hashing algorithm based on PBKDF2WithHmacSHA512
-> Make it the default
-> On-the-fly rehashing migration is already present
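Added example (not code from the project this issue belongs to) of the user-hashing part of the fix: a hasher whose JCA algorithm name is configurable and defaults to PBKDF2WithHmacSHA512, which rehashes a record stored under PBKDF2WithHmacSHA1 on the next successful password check. The stored record format, the iteration count and the derived-key length are assumptions.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example, not project code. Stored record format (assumed):
// algorithm$iterations$base64(salt)$base64(hash)
public final class PBKDF2PasswordHasher {
    static final String DEFAULT_ALGORITHM = "PBKDF2WithHmacSHA512";
    static final String LEGACY_ALGORITHM = "PBKDF2WithHmacSHA1";
    static final int ITERATIONS = 100_000;   // assumed iteration count
    static final int KEY_BITS = 256;         // assumed derived-key length
    private final String algorithm;          // configurable; the legacy name may still be chosen
    PBKDF2PasswordHasher(String algorithm) { this.algorithm = algorithm; }
    String hash(char[] password) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        Base64.Encoder b64 = Base64.getEncoder();
        byte[] dk = derive(algorithm, password, salt, ITERATIONS);
        return algorithm + "$" + ITERATIONS + "$" + b64.encodeToString(salt) + "$" + b64.encodeToString(dk);
    }
    // Null on mismatch; on a match, the stored value unchanged, or a fresh hash when the
    // record was made with a different (e.g. legacy) algorithm, so the caller can persist it.
    String verifyAndUpgrade(char[] password, String stored) throws Exception {
        String[] parts = stored.split("\\$");
        if (parts.length != 4) return null;
        byte[] salt = Base64.getDecoder().decode(parts[2]);
        byte[] expected = Base64.getDecoder().decode(parts[3]);
        byte[] actual = derive(parts[0], password, salt, Integer.parseInt(parts[1]));
        if (!MessageDigest.isEqual(expected, actual)) return null;   // constant-time comparison
        return parts[0].equals(algorithm) ? stored : hash(password);  // on-the-fly migration
    }
    static byte[] derive(String alg, char[] password, byte[] salt, int iterations) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, KEY_BITS);  // clones the password
        try {
            return SecretKeyFactory.getInstance(alg).generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }
    public static void main(String[] args) throws Exception {
        char[] pw = "correct horse battery staple".toCharArray();
        String legacy = new PBKDF2PasswordHasher(LEGACY_ALGORITHM).hash(pw);  // pre-existing SHA1 record
        PBKDF2PasswordHasher current = new PBKDF2PasswordHasher(DEFAULT_ALGORITHM);
        String upgraded = current.verifyAndUpgrade(pw, legacy);
        System.out.println("migrated to default: " + upgraded.startsWith(DEFAULT_ALGORITHM));
        System.out.println("wrong password rejected: " + (current.verifyAndUpgrade("wrong".toCharArray(), upgraded) == null));
    }
}
```

Nothing changes for a record that already uses the configured algorithm, which is what keeps the migration transparent to users who log in.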