Initialization vectors should be randomly generated

Description

In AesEncryptor.cipher you’re initializing a Cipher instance with a static IV2 which is insecure.

One possible solution would be to generate the initialization vector using SecureRandom:

Environment

None

Activity

Show:

wroot

April 15, 2018, 6:56 AM

Copy link to comment

Assigned this to gdt as he is usually checking security issues. Feel free to reassign to Dave or leave it unassigned.

Greg Thomas

July 9, 2018, 11:47 AM

Copy link to comment

Unfortunately, it is not quite as simple as the ticket suggests; the IV is required to decrypt the text, too - which means it must be persisted, presumably in `conf/security.xml`.

Greg Thomas

July 9, 2018, 7:16 PM

Copy link to comment

On reflection, each property should have it's own IV, so the PR adds a column to the DB to save it.

Fixed

Assignee

Greg Thomas

Reporter

wroot

Labels

cypher

encryption

security

Expected Effort

None

Ignite Forum URL

https://discourse.igniterealtime.org/t/initialization-vectors-should-be-randomly-generated-for-proper-security-guarantees

Components

Core

Fix versions

4.3.0

Priority

Minor

Configure