David Handermann created NIFI-11022:
---------------------------------------
Summary: Add Decrypt Processors Compatible with EncryptContent Encoding
Key: NIFI-11022
URL: https://issues.apache.org/jira/browse/NIFI-11022
Project: Apache NiFi
Issue Type: New Feature
Components: Extensions, Security
Reporter: David Handermann
Assignee: David Handermann

The {{EncryptContent}} Processor supports a wide variety of configuration
options, enabling both encryption and decryption using various algorithms. Many
of these algorithms are not secure according to modern cryptographic analysis,
and existing secure options use a custom encoding format. New Processors should
be added that support decrypting content according to these legacy and custom
formats, which will enable deprecating {{EncryptContent}} for removal and
replacement with other approaches.

The majority of allowable values for the {{Encryption Method}} property in
{{EncryptContent}} come from the PKCS #5 Password-Based Cryptography
Specification, described in [RFC 8018|https://www.rfc-editor.org/rfc/rfc8018].
These algorithm names start with {{PBE}} and incorporate a message digest
function along with a cipher algorithm. Although these methods include AES, the
key derivation process for all PBE algorithms follows the {{PBES1}}
specification from RFC 8018, which is not secure or suitable for modern
applications. The ability to decrypt older content is useful, but new content
should not be encrypted using these methods.

The PBE algorithms can be configured together with either the {{NiFi Legacy}}
or {{OpenSSL EVP BytesToKey}} option for key derivation. The {{NiFi Legacy}}
option derives from the [Jasypt|http://www.jasypt.org/] library, which provides
a standard wrapper for PBE algorithms that defaults to 1000 iterations of a
selected digest algorithm. The {{OpenSSL EVP}} option supports compatibility
with encryption operations implemented in the {{OpenSSL}} library and command.

Advanced Key Derivation Functions include Argon2, bcrypt, PBKDF2, and scrypt,
which can be used together with AES in Galois/Counter Mode (GCM) for
authenticated encryption. These options provide much better security than the
legacy PBE methods, but they rely on custom file encoding using byte delimiters
that are specific to Apache NiFi. In addition, these Key Derivation Functions
generate keys of 16 bytes, which supports AES with 128 bit keys, but not AES
with 256 bit keys. NiFi 0.5.0 added bcrypt, PBKDF2, and scrypt, and NiFi 1.12.0
added Argon2. Decrypting content according to the custom NiFi encoding should
be supported, but other options should be evaluated separately for encryption
in new flows. The salt parameter bytes associated with Argon2, bcrypt, and
scrypt allow for detection of file encoding, which can enable new decryption
processors to be configured without reference to a specific Key Derivation
Function.

Adding new decryption processors will enable clear separation of encryption and
decryption operations, providing a compatible transition path for historical
usage of {{EncryptContent}} without the need to continue supporting insecure
encryption methods.