[jira] [Updated] (DELTASPIKE-1474) Inquiry Regarding Potential Inadequate Password-Based Encryption in DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
[
https://issues.apache.org/jira/browse/DELTASPIKE-1474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yifan Xia updated DELTASPIKE-1474:
--
Description:
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
{code:java}
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
{code:java}
protected byte[] secureHash(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
{code}
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method for better
security
For instance:
{code:java}
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
[1]["PKCS #5: Password-Based Cryptography Specification, Version
2.0"|http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
was:
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
{code:java}
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
{code:java}
protected byte[] c(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
{code}
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method for better
security
For instance:
{code:java}
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
[1]["PKCS #5: Password-Based Cryptography Specification, Version
2.0"|http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
> Inquiry Regarding Potential Inadequate Password-Based Encryption in
> DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
> --
>
> Key: DELTASPIKE-1474
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1474
> Project: DeltaSpike
> Issue
[jira] [Updated] (DELTASPIKE-1474) Inquiry Regarding Potential Inadequate Password-Based Encryption in DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
[
https://issues.apache.org/jira/browse/DELTASPIKE-1474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yifan Xia updated DELTASPIKE-1474:
--
Description:
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
{code:java}
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
{code:java}
protected byte[] c(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
{code}
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method for better
security
For instance:
{code:java}
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
[1]["PKCS #5: Password-Based Cryptography Specification, Version
2.0"|http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
was:
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
{code:java}
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
{code:java}
protected byte[] c(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
{code}
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method
For instance:
{code:java}
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
[1]["PKCS #5: Password-Based Cryptography Specification, Version 2.0"|
http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
> Inquiry Regarding Potential Inadequate Password-Based Encryption in
> DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
> --
>
> Key: DELTASPIKE-1474
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1474
> Project: DeltaSpike
> Issue Type: Improvement
>
[jira] [Updated] (DELTASPIKE-1474) Inquiry Regarding Potential Inadequate Password-Based Encryption in DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
[
https://issues.apache.org/jira/browse/DELTASPIKE-1474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yifan Xia updated DELTASPIKE-1474:
--
Description:
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
{code:java}
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
{code:java}
protected byte[] c(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
{code}
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method
For instance:
{code:java}
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
{code}
[1]["PKCS #5: Password-Based Cryptography Specification, Version 2.0"|
http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
was:
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
```java
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
```
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
```java
protected byte[] c(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
```
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method
For instance:
```java
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
```
[1][ "PKCS #5: Password-Based Cryptography Specification, Version
2.0"|http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
> Inquiry Regarding Potential Inadequate Password-Based Encryption in
> DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
> --
>
> Key: DELTASPIKE-1474
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1474
> Project: DeltaSpike
> Issue Type: Improvement
> Security Level: public(Regular
[jira] [Created] (DELTASPIKE-1474) Inquiry Regarding Potential Inadequate Password-Based Encryption in DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
Yifan Xia created DELTASPIKE-1474:
-
Summary: Inquiry Regarding Potential Inadequate Password-Based
Encryption in DefaultCipherService.aesEncrypt (DeltaSpike 1.9.4)
Key: DELTASPIKE-1474
URL: https://issues.apache.org/jira/browse/DELTASPIKE-1474
Project: DeltaSpike
Issue Type: Improvement
Security Level: public (Regular issues)
Reporter: Yifan Xia
Hey everyone,
I've got a question concerning the aesEncrypt method within
org.apache.deltaspike.core.impl.crypto.DefaultCipherService.aesEncrypt.
This method employs a custom key derivation function:
```java
private SecretKeySpec getSecretKeySpec(String password)
{
byte[] pwdHash = secureHash(password);
byte[] key = Arrays.copyOf(pwdHash, 16); // using only the first 128 bits
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
```
Here, the function hashes the provided password once to serve as the encryption
key, without utilizing a standard pbkdf api.
```java
protected byte[] c(String value)
{
try
{
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
return md.digest(value.getBytes(UTF_8));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
```
However, employing such a low iteration count might not suffice for
contemporary encryption standards. For instance, RFC 8018 suggests a minimum of
1000 iterations for PBE[1]. In 2023, OWASP recommended employing 600,000
iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512[2].
How about utilizing a standard PBKDF with a higher iteration count instead?
Or we can simply use multi-round hash in the secureHash method
For instance:
```java
private SecretKeySpec getSecretKeySpec(String password, String salt)
{
int iterationCount = 1; // Recommended: at least 10,000 iterations
int keyLength = 128; // utilizing 128-bit AES
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(),
iterationCount, keyLength);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
byte[] key = factory.generateSecret(spec).getEncoded();
// Note: utilizing 128-bit AES avoids the necessity for the "Unlimited Crypto"
patch
return new SecretKeySpec(key, "AES");
}
```
[1][ "PKCS #5: Password-Based Cryptography Specification, Version
2.0"|http://tools.ietf.org/html/rfc2898#section-5.2]
[2] ["Password Storage Cheat
Sheet"|https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
