You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2023/03/13 16:30:00 UTC
[jira] [Created] (NIFI-11277) Deprecate bcrypt and scrypt Sensitive Properties Algorithms
David Handermann created NIFI-11277:
---------------------------------------
Summary: Deprecate bcrypt and scrypt Sensitive Properties Algorithms
Key: NIFI-11277
URL: https://issues.apache.org/jira/browse/NIFI-11277
Project: Apache NiFi
Issue Type: Improvement
Reporter: David Handermann
Assignee: David Handermann
Fix For: 1.21.0, 1.latest
NiFi 1.14.0 included new Sensitive Properties Algorithms supporting the following key derivation functions:
* bcrypt
* scrypt
* PBKDF2
NiFi 1.14.0 also changed the default Sensitive Properties Algorithm to {{NIFI_PBKDF2_AES_GCM_256}} to provide better security than the previous default setting.
Algorithm selection can be challenging, making sensible defaults an important part of the standard configuration. Supporting a variety of algorithms introduces unnecessary complexity and maintenance.
[Argon2|https://en.wikipedia.org/wiki/Argon2] incorporates both processing and memory cost factors, making it the ideal solution for many deployments. [PBKDF2|https://en.wikipedia.org/wiki/PBKDF2] supports a processing iteration cost factor and is approved for use on systems requiring compliance with FIPS-140 standards. The [bcrypt|https://en.wikipedia.org/wiki/Bcrypt] algorithm provides strong security using a configurable work factor, but does not have the memory hardness properties of Argon2. The [scrypt|https://en.wikipedia.org/wiki/Scrypt] algorithm supports both processing and memory cost parameters, similar to Argon2.
Based on algorithm properties, the available options for the NiFi Sensitive Properties Algorithm should be reduced to Argon2 and PBKDF2 with AES-GCM and 256 bit keys.
* NIFI_ARGON2_AES_GCM_256
* NIFI_PBKDF2_AES_GCM_256
The {{NIFI_ARGON2_AES_GCM_256}} option has been available since NiFi 1.12.0. There is little value in supporting non-default 128 bit key variants of AES-GCM for the purpose of encrypting sensitive property values. Deprecating the non-default {{bcrypt}} and {{scrypt}} variants for removal in NiFi 2.0 will also provide a clearer set of recommendations.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)