List: oss-security
Subject: Re: [oss-security] weak use of crypto in python-elixir can lead to information disclosure (CVE and p
From: Vincent Danen <vdanen () redhat ! com>
Date: 2012-04-30 21:57:44
Message-ID: 20120430215744.GK13910 () redhat ! com
* [2012-04-28 13:58:15 +0200] Florian Weimer wrote:
>> CFB mode is only secure if the IV is unpredictable and different
>> for every message.
>
>There are a few additional requirements. Without some form of message
>authentication, chosen-ciphertext attacks are still possible even with
>a random IV.
I'm no crypto expert, so I don't have a comment on this (although I did
note this message in our bug, so that those smarter than I can look at
it).
>> Because of this, and because the encryption key is shared for each
>> database table (fields and rows), the same plaintext prefix is
>> always encrypted to an identical and corresponding ciphertext
>> prefix. As a result, an attacker with access to the database could
>> figure out the plaintext values of encrypted text.
>
>And you can group by encrypted column values in the database. That's
>why I'm not sure if it's actually possible to address this issue in a
>satisfying manner.
So the encryption can be more fine-grained than just per-table? You can
also do it per-column? If that's the case, this does sound a lot uglier
to deal with.
--
Vincent Danen / Red Hat Security Response Team
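
The two properties discussed in this message, as an added example that is not part of the thread and is not python-elixir code: CFB under a shared key and a constant IV maps equal plaintext prefixes to equal ciphertext prefixes, while a per-value random IV plus a MAC removes that and rejects modified ciphertext. Assumptions: all function names are hypothetical, the keys and values are constructed, the 8-byte block size is assumed, and an HMAC-SHA256 based PRF stands in for the real block cipher.

```python
import hashlib, hmac, os

BLOCK = 8  # assumed block size in bytes
FIXED_IV = bytes(BLOCK)  # constructed constant IV modelling the weak setup

def block_encrypt(key, block):
    # Assumption: HMAC-SHA256 truncated to one block stands in for the real
    # cipher. CFB only ever calls the forward direction, so a PRF suffices.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def cfb(key, iv, data, decrypt=False):
    out, feedback = b"", iv
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        res = bytes(a ^ b for a, b in zip(chunk, block_encrypt(key, feedback)))
        out += res
        feedback = chunk if decrypt else res  # feedback is always ciphertext
    return out

def encrypt_fixed_iv(key, plaintext):
    # Weak form: same key, same IV for every field and row.
    return cfb(key, FIXED_IV, plaintext)

def seal(enc_key, mac_key, plaintext, iv=None):
    # Hardened form: fresh random IV per value, then encrypt-then-MAC.
    iv = os.urandom(BLOCK) if iv is None else iv
    body = iv + cfb(enc_key, iv, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_sealed(enc_key, mac_key, blob):
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")  # modified ciphertext
    return cfb(enc_key, body[:BLOCK], body[BLOCK:], decrypt=True)

def common_prefix(a, b):
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

def demo():
    k_enc, k_mac = b"constructed-enc-key", b"constructed-mac-key"
    p1, p2 = b"alice@example.com", b"alice@example.org"  # constructed values
    weak = common_prefix(encrypt_fixed_iv(k_enc, p1), encrypt_fixed_iv(k_enc, p2))
    s1, s2 = seal(k_enc, k_mac, p1), seal(k_enc, k_mac, p1)
    return weak, s1 != s2, open_sealed(k_enc, k_mac, s1) == p1
```

With a random IV, equal values no longer produce equal stored bytes, so equality lookups and grouping on the encrypted column stop working as well.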