You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2023/03/13 16:30:00 UTC

[jira] [Created] (NIFI-11277) Deprecate bcrypt and scrypt Sensitive Properties Algorithms

David Handermann created NIFI-11277:
---------------------------------------

             Summary: Deprecate bcrypt and scrypt Sensitive Properties Algorithms
                 Key: NIFI-11277
                 URL: https://issues.apache.org/jira/browse/NIFI-11277
             Project: Apache NiFi
          Issue Type: Improvement
            Reporter: David Handermann
            Assignee: David Handermann
             Fix For: 1.21.0, 1.latest


NiFi 1.14.0 included new Sensitive Properties Algorithms supporting the following key derivation functions:
 * bcrypt
 * scrypt
 * PBKDF2

NiFi 1.14.0 also changed the default Sensitive Properties Algorithm to {{NIFI_PBKDF2_AES_GCM_256}} to provide better security than the previous default setting.

Algorithm selection can be challenging, making sensible defaults an important part of the standard configuration. Supporting a variety of algorithms introduces unnecessary complexity and maintenance.

[Argon2|https://en.wikipedia.org/wiki/Argon2] incorporates both processing and memory cost factors, making it the ideal solution for many deployments. [PBKDF2|https://en.wikipedia.org/wiki/PBKDF2] supports a processing iteration cost factor and is approved for use on systems requiring compliance with FIPS-140 standards. The [bcrypt|https://en.wikipedia.org/wiki/Bcrypt] algorithm provides strong security using a configurable work factor, but does not have the memory hardness properties of Argon2. The [scrypt|https://en.wikipedia.org/wiki/Scrypt] algorithm supports both processing and memory cost parameters, similar to Argon2.

Based on algorithm properties, the available options for the NiFi Sensitive Properties Algorithm should be reduced to Argon2 and PBKDF2 with AES-GCM and 256 bit keys.
 * NIFI_ARGON2_AES_GCM_256
 * NIFI_PBKDF2_AES_GCM_256

The {{NIFI_ARGON2_AES_GCM_256}} option has been available since NiFi 1.12.0. There is little value in supporting non-default 128 bit key variants of AES-GCM for the purpose of encrypting sensitive property values. Deprecating the non-default {{bcrypt}} and {{scrypt}} variants for removal in NiFi 2.0 will also provide a clearer set of recommendations.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)