Details
Bug
Status: Open
Major
Resolution: Unresolved
10.1, 10.2
None
Description
Hi,
I've been exploring the implementation of MariaDB tablespace, binlog, etc. encryption and the encryption plugins, and I noticed a pretty bad issue.
While an encryption plugin may allow choosing or overriding the cipher mode, only the file_key_management plugin does so (the choice is CBC or CTR); the aws_key_management plugin leaves the default. And the default mode appears to be CBC.
Here is where the issue comes in. Both CBC and CTR take an IV to encrypt a block. Their requirements for the IV are different, though. In particular, it is essential for the IV to be unpredictable in CBC. This, however, is not the case with the current implementation. The IV is always chosen with the same pattern, adding up space id, offset and LSN, which are highly predictable.
Here is a link explaining why using a predictable IV in CBC is a vulnerability:
https://stackoverflow.com/questions/3008139/why-is-using-a-non-random-iv-with-cbc-mode-a-vulnerability
One of the possible ways to add randomness to the IV is to encrypt it.
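
An added example, not part of the original report and not MariaDB's code: it contrasts an IV built directly from space id, offset and LSN with the same values passed through a keyed function, in the spirit of the report's last sentence. The 16-byte field layout, the function names and the use of truncated HMAC-SHA256 in place of a block-cipher encryption of the IV are assumptions, chosen so the example runs on the Python standard library alone.

```python
import hashlib
import hmac
import struct

BLOCK = 16  # AES block size in bytes, which is also the CBC IV size


def predictable_iv(space_id: int, offset: int, lsn: int) -> bytes:
    """IV built only from public page metadata (assumed layout, not MariaDB's)."""
    return struct.pack(">IIQ", space_id, offset, lsn)


def keyed_iv(iv_key: bytes, space_id: int, offset: int, lsn: int) -> bytes:
    """Pass the same metadata through a keyed PRF so the IV depends on a secret.

    Truncated HMAC-SHA256 stands in for "encrypt the IV" (assumption).
    iv_key should be separate from the data-encryption key.
    """
    raw = predictable_iv(space_id, offset, lsn)
    return hmac.new(iv_key, raw, hashlib.sha256).digest()[:BLOCK]


def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def compare_consecutive(iv_key: bytes, space_id: int, offset: int, lsn: int):
    """Bit distance between the IVs for LSN and LSN + 1 under both schemes."""
    plain = differing_bits(predictable_iv(space_id, offset, lsn),
                           predictable_iv(space_id, offset, lsn + 1))
    keyed = differing_bits(keyed_iv(iv_key, space_id, offset, lsn),
                           keyed_iv(iv_key, space_id, offset, lsn + 1))
    return plain, keyed


if __name__ == "__main__":
    key = bytes(range(32))  # constructed sample key, for demonstration only
    plain, keyed = compare_consecutive(key, space_id=5, offset=3, lsn=1000)
    print("metadata-only IV, bits changed by LSN+1:", plain)
    print("keyed IV, bits changed by LSN+1:", keyed)
```

Both derivations are deterministic, so the IV can be recomputed at decryption time from the same metadata; only the keyed one requires the secret to compute it.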