H2 database have been using AES-128 and as time goes by, AES is found to be vulnerable to many classes of side-channel attacks and the 128-bit key may not be the best option as the recommended security would be 256-bit key. It would be nice if H2 database can update it's file encryption scheme to include the latest ChaCha20 cipher which is known to have very fast speed while also delivering much higher security margins (ChaCha 20 rounds vs. AES 12 or 14 rounds). It only has a single key setting namely 256-bit keys which is very secure. ChaCha20 has also been known to be made as side-channel resistant as it can be.
I have linked a ChaCha20 implementation in Java below that does not rely on Java's Cipher classes and thus can be plugged into H2 source codes much more easily. I would recommend switching on the RFC-7539 setting when using kitsook's ChaCha20 library (96-bit nonce and 32-bit counter setting). I have also included the ChaCha20 RFC document (RFC-7539) below as well. When using RFC-7539 mode, do note that it can only encrypt 256 GB of file before needing to re-key again with a different set of nonce and counter at the minimum and for the maximum security, change a different key as well. By introducing ChaCha20/RFC-7539 to H2, you would be able to use a very fast stream cipher comparable or at times even beating the speed of equivalent AES implementation with much higher security margins (20 rounds and 256-bit key) and not be bothered by things regarding block ciphers (CBC modes, XTS modes, PKCS5/7 paddings ...) and simply switch up new keys, nonces and counters whenever you reach 256 GB file size. With the mentioned ChaCha20 library linked below capable of RFC-7539 and non-RFC mode, it is much more easier to integrate into H2 and select between either modes as you wish to use. Links: - https://github.com/kitsook/ChaCha20 (source code) - https://tools.ietf.org/html/rfc7539 (RFC document) -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/h2-database. For more options, visit https://groups.google.com/d/optout.
