You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Sean R. Owen (Jira)" <ji...@apache.org> on 2022/04/16 20:56:00 UTC
[jira] [Commented] (SPARK-38422) Encryption algorithms should be used with secure mode and padding scheme
[ https://issues.apache.org/jira/browse/SPARK-38422?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17523220#comment-17523220 ]
Sean R. Owen commented on SPARK-38422:
--------------------------------------
This may be a good argument in general, but we're talking about Spark's usage here. this code supports a function that specifically uses AES on purpose. I'm not clear which part you're taking issue with or what the change is, but, this code needs to implement 'aesEncrypt'
> Encryption algorithms should be used with secure mode and padding scheme
> ------------------------------------------------------------------------
>
> Key: SPARK-38422
> URL: https://issues.apache.org/jira/browse/SPARK-38422
> Project: Spark
> Issue Type: Bug
> Components: SQL
> Affects Versions: 3.3.0
> Reporter: Bjørn Jørgensen
> Priority: Major
>
> I have scanned java files with Sonarqube and in https://github.com/apache/spark/blob/master/sql/catalyst/src/main/java/org/apache/spark/sql/catalyst/expressions/ExpressionImplUtils.java
> {code:java}
> try {
> if (mode.equalsIgnoreCase("ECB") &&
> (padding.equalsIgnoreCase("PKCS") || padding.equalsIgnoreCase("DEFAULT"))) {
> Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
> {code}
> Encryption operation mode and the padding scheme should be chosen appropriately to guarantee data confidentiality, integrity and authenticity:
> For block cipher encryption algorithms (like AES):
> The GCM (Galois Counter Mode) mode which works internally with zero/no padding scheme, is recommended, as it is designed to provide both data authenticity (integrity) and confidentiality. Other similar modes are CCM, CWC, EAX, IAPM and OCB.
> The CBC (Cipher Block Chaining) mode by itself provides only data confidentiality, it’s recommended to use it along with Message Authentication Code or similar to achieve data authenticity (integrity) too and thus to prevent padding oracle attacks.
> The ECB (Electronic Codebook) mode doesn’t provide serious message confidentiality: under a given key any given plaintext block always gets encrypted to the same ciphertext block. This mode should not be used.
> For RSA encryption algorithm, the recommended padding scheme is OAEP.
> [OWASP Top 10 2021|https://owasp.org/Top10/A02_2021-Cryptographic_Failures/] Category A2 - Cryptographic Failures
> [OWASP Top 10 2017|https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html] Category A6 - Security Misconfiguration
> [Mobile AppSec|https://mobile-security.gitbook.io/masvs/security-requirements/0x08-v3-cryptography_verification_requirements] Verification Standard - Cryptography Requirements
> [OWASP Mobile Top 10 2016|https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography] Category M5 - Insufficient Cryptography
> [MITRE, CWE-327|https://cwe.mitre.org/data/definitions/327.html] - Use of a Broken or Risky Cryptographic Algorithm
> [CERT, MSC61-J.|https://wiki.sei.cmu.edu/confluence/display/java/MSC61-J.+Do+not+use+insecure+or+weak+cryptographic+algorithms] - Do not use insecure or weak cryptographic algorithms
> [SANS Top 25|https://www.sans.org/top25-software-errors/#cat3] - Porous Defenses
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org