[jira] [Updated] (CAY-2109) cayenne-crypto: add value authentication (HMAC)

Nikita Timofeev (JIRA) Fri, 24 Mar 2017 07:32:17 -0700

     [ 
https://issues.apache.org/jira/browse/CAY-2109?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nikita Timofeev updated CAY-2109:
---------------------------------
    Fix Version/s: 4.0.M6

> cayenne-crypto: add value authentication (HMAC)
> -----------------------------------------------
>
>                 Key: CAY-2109
>                 URL: https://issues.apache.org/jira/browse/CAY-2109
>             Project: Cayenne
>          Issue Type: Bug
>            Reporter: Andrus Adamchik
>            Assignee: Andrus Adamchik
>             Fix For: 4.0.M6
>
>
> A previously ignored concern with using cayenne-crypto is data integrity. 
> Corrupt messages will happily decrypt to garbage. Valid messages will happily 
> decrypt with a corrupt key, also to garbage. So to make the system more 
> robust, we'll be adding an optional message authentication code (MAC). I am 
> using "Cryptography Engineering" book [1] as a reference on the best MAC 
> practices. Implementation parameters:
> * HMAC [2]
> * SHA-256 
> * authenticate-then-encrypt
> * Authenticated message will be made of the following fields:
>      protocol_version || flags || secret_key || message
> (or should we just do header || secret_key || message?)
> [1] https://www.schneier.com/books/cryptography_engineering/
> [2] https://en.wikipedia.org/wiki/Hash-based_message_authentication_code



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (CAY-2109) cayenne-crypto: add value authentication (HMAC)

Reply via email to