Uploaded image for project: 'Teiid'
  1. Teiid
  2. TEIID-4663

Support a more secure block mode for client/server encryption

    Details

      Description

      ECB is the current default for the socket transport encryption of secure messages. While this is relatively ok for small messages as we also have a message key acting as a CTR counter to some of the blocks, it does not provide strong security - especially for large data volume scenarios, such as when using larger login payloads or the secure requests option. We should default instead to CBC with an explicit initialization vector.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                shawkins Steven Hawkins
                Reporter:
                shawkins Steven Hawkins
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: