[ 
https://issues.apache.org/jira/browse/SPARK-38422?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sean R. Owen resolved SPARK-38422.
----------------------------------
    Resolution: Not A Problem

> Encryption algorithms should be used with secure mode and padding scheme
> ------------------------------------------------------------------------
>
>                 Key: SPARK-38422
>                 URL: https://issues.apache.org/jira/browse/SPARK-38422
>             Project: Spark
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 3.3.0
>            Reporter: Bjørn Jørgensen
>            Priority: Major
>
> I have scanned java files with Sonarqube and in 
> https://github.com/apache/spark/blob/master/sql/catalyst/src/main/java/org/apache/spark/sql/catalyst/expressions/ExpressionImplUtils.java
> {code:java}
> try {
>       if (mode.equalsIgnoreCase("ECB") &&
>           (padding.equalsIgnoreCase("PKCS") || 
> padding.equalsIgnoreCase("DEFAULT"))) {
>         Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
> {code}
> Encryption operation mode and the padding scheme should be chosen 
> appropriately to guarantee data confidentiality, integrity and authenticity:
> For block cipher encryption algorithms (like AES):
> The GCM (Galois Counter Mode) mode which works internally with zero/no 
> padding scheme, is recommended, as it is designed to provide both data 
> authenticity (integrity) and confidentiality. Other similar modes are CCM, 
> CWC, EAX, IAPM and OCB.
> The CBC (Cipher Block Chaining) mode by itself provides only data 
> confidentiality, it’s recommended to use it along with Message Authentication 
> Code or similar to achieve data authenticity (integrity) too and thus to 
> prevent padding oracle attacks.
> The ECB (Electronic Codebook) mode doesn’t provide serious message 
> confidentiality: under a given key any given plaintext block always gets 
> encrypted to the same ciphertext block. This mode should not be used.
> For RSA encryption algorithm, the recommended padding scheme is OAEP.
> [OWASP Top 10 2021|https://owasp.org/Top10/A02_2021-Cryptographic_Failures/] 
> Category A2 - Cryptographic Failures
> [OWASP Top 10 
> 2017|https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html]
>  Category A6 - Security Misconfiguration
> [Mobile 
> AppSec|https://mobile-security.gitbook.io/masvs/security-requirements/0x08-v3-cryptography_verification_requirements]
>  Verification Standard - Cryptography Requirements
> [OWASP Mobile Top 10 
> 2016|https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography]
>  Category M5 - Insufficient Cryptography
> [MITRE, CWE-327|https://cwe.mitre.org/data/definitions/327.html]  - Use of a 
> Broken or Risky Cryptographic Algorithm
> [CERT, 
> MSC61-J.|https://wiki.sei.cmu.edu/confluence/display/java/MSC61-J.+Do+not+use+insecure+or+weak+cryptographic+algorithms]
>  - Do not use insecure or weak cryptographic algorithms
> [SANS Top 25|https://www.sans.org/top25-software-errors/#cat3] - Porous 
> Defenses



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to