[ https://issues.apache.org/jira/browse/CASSANDRA-11810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jason Brown reassigned CASSANDRA-11810: --------------------------------------- Assignee: (was: Jason Brown) > IV misuse in hints encryption > ----------------------------- > > Key: CASSANDRA-11810 > URL: https://issues.apache.org/jira/browse/CASSANDRA-11810 > Project: Cassandra > Issue Type: Bug > Reporter: Blake Eggleston > Priority: Major > Fix For: 3.11.x > > > Encrypted hint files share iv values between encrypted chunks. The cipher > should be reinitialized with a new iv for each discrete piece of data it > encrypts, otherwise it gives attackers something to compare between chunks of > data. Also, some cipher configurations don't support initialization vectors > ('AES/ECB/NoPadding'), so some logic should be added to determine if the > cipher should be initialized with an iv. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org