[
https://issues.apache.org/jira/browse/NIFI-1465?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andy LoPresto updated NIFI-1465:
--------------------------------
Description:
Currently, NiFi accepts a password and encryption algorithm in
{{nifi.properties}} which are used to encrypt all sensitive processor
properties throughout the application. The password defaults to empty and the
algorithm defaults to {{PBEWITHMD5AND256BITAES-CBC-OPENSSL}}. This algorithm:
* uses a digest function ({{MD5}}) which is not cryptographically secure
[1][2][3][4]
* uses a single iteration count [5][6]
* limits password input to 16 characters on JVMs without the unlimited strength
cryptographic jurisdiction policy files installed [NIFI-1255]
all of which combine to make it extremely insecure. We should change the
default algorithm to use a strong key derivation function (KDF) [7] which will
properly derive a key to protect the sensitive properties.
Because existing systems have already encrypted the properties using a key
derived from the original settings, we should provide a translation/upgrade
utility to seamlessly convert the stored values from the old password &
algorithm combination to the new.
[1] http://security.stackexchange.com/a/19908/16485
[2] http://security.stackexchange.com/a/31846/16485
[3]
http://security.stackexchange.com/questions/52461/how-weak-is-md5-as-a-password-hashing-function
[4] http://security.stackexchange.com/a/31410/16485
[5] http://security.stackexchange.com/a/29139/16485
[6] https://www.openssl.org/docs/manmaster/crypto/EVP_BytesToKey.html
[7]
https://cwiki.apache.org/confluence/display/NIFI/Key+Derivation+Function+Explanations
was:
Currently, NiFi accepts a password and encryption algorithm in
`nifi.properties` which are used to encrypt all sensitive processor properties
throughout the application. The password defaults to empty and the algorithm
defaults to {{PBEWITHMD5AND256BITAES-CBC-OPENSSL}}. This algorithm:
* uses a digest function ({{MD5}}) which is not cryptographically secure
[1][2][3][4]
* uses a single iteration count [5][6]
* limits password input to 16 characters on JVMs without the unlimited strength
cryptographic jurisdiction policy files installed [NIFI-1255]
all of which combine to make it extremely insecure. We should change the
default algorithm to use a strong key derivation function (KDF) [7] which will
properly derive a key to protect the sensitive properties.
Because existing systems have already encrypted the properties using a key
derived from the original settings, we should provide a translation/upgrade
utility to seamlessly convert the stored values from the old password &
algorithm combination to the new.
[1] http://security.stackexchange.com/a/19908/16485
[2] http://security.stackexchange.com/a/31846/16485
[3]
http://security.stackexchange.com/questions/52461/how-weak-is-md5-as-a-password-hashing-function
[4] http://security.stackexchange.com/a/31410/16485
[5] http://security.stackexchange.com/a/29139/16485
[6] https://www.openssl.org/docs/manmaster/crypto/EVP_BytesToKey.html
[7]
https://cwiki.apache.org/confluence/display/NIFI/Key+Derivation+Function+Explanations
> Upgrade encryption of sensitive properties
> ------------------------------------------
>
> Key: NIFI-1465
> URL: https://issues.apache.org/jira/browse/NIFI-1465
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 0.5.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Labels: encryption, security
> Original Estimate: 120h
> Remaining Estimate: 120h
>
> Currently, NiFi accepts a password and encryption algorithm in
> {{nifi.properties}} which are used to encrypt all sensitive processor
> properties throughout the application. The password defaults to empty and the
> algorithm defaults to {{PBEWITHMD5AND256BITAES-CBC-OPENSSL}}. This algorithm:
> * uses a digest function ({{MD5}}) which is not cryptographically secure
> [1][2][3][4]
> * uses a single iteration count [5][6]
> * limits password input to 16 characters on JVMs without the unlimited
> strength cryptographic jurisdiction policy files installed [NIFI-1255]
> all of which combine to make it extremely insecure. We should change the
> default algorithm to use a strong key derivation function (KDF) [7] which
> will properly derive a key to protect the sensitive properties.
> Because existing systems have already encrypted the properties using a key
> derived from the original settings, we should provide a translation/upgrade
> utility to seamlessly convert the stored values from the old password &
> algorithm combination to the new.
> [1] http://security.stackexchange.com/a/19908/16485
> [2] http://security.stackexchange.com/a/31846/16485
> [3]
> http://security.stackexchange.com/questions/52461/how-weak-is-md5-as-a-password-hashing-function
> [4] http://security.stackexchange.com/a/31410/16485
> [5] http://security.stackexchange.com/a/29139/16485
> [6] https://www.openssl.org/docs/manmaster/crypto/EVP_BytesToKey.html
> [7]
> https://cwiki.apache.org/confluence/display/NIFI/Key+Derivation+Function+Explanations
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
