[
https://issues.apache.org/jira/browse/NIFI-5285?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16823280#comment-16823280
]
Troy Melhase commented on NIFI-5285:
------------------------------------
Following up: I think a unittest could cover these changes, e.g. make a cipher,
encrypt, make a new cipher, decrypt, compare.
> Re-evaluate memory/time cost parameters for 2018
> ------------------------------------------------
>
> Key: NIFI-5285
> URL: https://issues.apache.org/jira/browse/NIFI-5285
> Project: Apache NiFi
> Issue Type: Task
> Components: Documentation & Website
> Affects Versions: 1.6.0
> Reporter: Andy LoPresto
> Assignee: Troy Melhase
> Priority: Major
> Labels: documentation, security
>
> There are some bcrypt, SCrypt, and PBKDF2 initial parameters which were
> determined to be secure against a default threat model given best known
> attacks in 2016. These should be re-evaluated for 2018.
> Administration Guide
> * Line 1303
> * Line 1311
> * Line 1321
> * Line 1637
> If these values are updated, backward-compatibility for internal uses also
> needs to be evaluated.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
