You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by "Andy LoPresto (JIRA)" <ji...@apache.org> on 2016/02/03 05:14:39 UTC
[jira] [Commented] (NIFI-1255) Evaluate JCE cryptography with PBE
and limited strength cryptography
[ https://issues.apache.org/jira/browse/NIFI-1255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15129756#comment-15129756 ]
Andy LoPresto commented on NIFI-1255:
-------------------------------------
{{Longest supported password by encryption method:
PBEWITHMD5AND128BITAES-CBC-OPENSSL 16
PBEWITHMD5AND192BITAES-CBC-OPENSSL 16
PBEWITHMD5AND256BITAES-CBC-OPENSSL 16
PBEWITHMD5ANDDES 16
PBEWITHMD5ANDRC2 16
PBEWITHSHA1ANDRC2 16
PBEWITHSHA1ANDDES 16
PBEWITHSHAAND128BITAES-CBC-BC 7
PBEWITHSHAAND192BITAES-CBC-BC 7
PBEWITHSHAAND256BITAES-CBC-BC 7
PBEWITHSHAAND40BITRC2-CBC 7
PBEWITHSHAAND128BITRC2-CBC 7
PBEWITHSHAAND40BITRC4 7
PBEWITHSHAAND128BITRC4 7
PBEWITHSHA256AND128BITAES-CBC-BC 7
PBEWITHSHA256AND192BITAES-CBC-BC 7
PBEWITHSHA256AND256BITAES-CBC-BC 7
PBEWITHSHAAND2-KEYTRIPLEDES-CBC 7
PBEWITHSHAAND3-KEYTRIPLEDES-CBC 7
PBEWITHSHAANDTWOFISH-CBC 7}}
> Evaluate JCE cryptography with PBE and limited strength cryptography
> --------------------------------------------------------------------
>
> Key: NIFI-1255
> URL: https://issues.apache.org/jira/browse/NIFI-1255
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 0.4.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Labels: encryption, security
> Fix For: 0.6.0
>
> Attachments: PBE_cipher_max_password_lengths.txt
>
>
> As documented in NIFI-1242 and PR-140, there is an issue with the way we are providing encryption algorithms. Currently, NiFi allows the use of many AES ciphers with 128, 192, or 256 bit key size, regardless of the JCE Unlimited Strength Cryptography Policies (required for the use of AES with a key above 128 bits) installed.
> Java does enforce a key check, but it does this during cipher.init(), before the actual encryption key has been derived from the password. Instead, it validates the length of the **raw password**. It then derives a key of the correct length, regardless of the policies in place. This has been verified on systems without the JCE USC policies installed using OpenSSL AES-256-CBC.
> Default JRE:
> Cipher | Password length | Should Work | Does Work
> --------|-----------------|-------------|-----------
> AES-128 | <= 16 chars | YES | YES
> AES-128 | > 16 chars | YES | NO
> AES-192 | <= 16 chars | NO | YES
> AES-192 | > 16 chars | NO | NO
> AES-256 | <= 16 chars | NO | YES
> AES-256 | > 16 chars | NO | NO
> Currently (0.4.0) [~aldrin] and I created a patch which allows custom validation to determine if the combination of key size and password length will be successful if the system has limited strength cryptography. However, we should re-evaluate how we do password-based encryption (not to mention adding stronger algorithms, key-based encryption, authenticated encryption, etc.)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)