Wallet database encryption does not bind to field keys #4137
Assignees
Comments
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 22, 2022
…ytes_integral_nonce`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 22, 2022
…ytes_integral_nonce`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 22, 2022
…ytes_integral_nonce`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 23, 2022
…ytes_integral_nonce`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 23, 2022
…ytes_integral_nonce`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 25, 2022
…`decrypt_bytes_integral_nonce()`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 25, 2022
…`decrypt_bytes_integral_nonce()`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 28, 2022
…`decrypt_bytes_integral_nonce()`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 28, 2022
…`decrypt_bytes_integral_nonce()`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
agubarev
added a commit
to agubarev/tari
that referenced
this issue
Jul 29, 2022
…`decrypt_bytes_integral_nonce()`. tari-project#4137 Signed-off-by: Andrei Gubarev <[email protected]>
aviator-app bot
pushed a commit
that referenced
this issue
Aug 3, 2022
) Description --- Added `source_key` to `encrypt_bytes_integral_nonce()` and `decrypt_bytes_integral_nonce()` which are used to encrypt and decrypt values in the storage backend. Also, encrypted values are now suffixed with a MAC. Motivation and Context --- #4137 Wallet database field key-value entries are secured in place: AES-GCM is used to encrypt values, with keys left in the clear. However, the value encryption does not bind this operation to the field key. An attacker could replace these values with other encrypted values taken from elsewhere in the database (or otherwise encrypted using the same AES-GCM key) without detection. One mitigation is to use the field key as associated data passed to the encryption and decryption operations. How Has This Been Tested? --- unit test
sdbondi
added a commit
to sdbondi/tari
that referenced
this issue
Aug 4, 2022
* development: fix: wallet database encryption does not bind to field keys tari-project#4137 (tari-project#4340) fix: use SafePassword struct instead of String for passwords (tari-project#4320) feat(dan): template macro handles component state (tari-project#4380) fix(dht)!: add message padding for message decryption, to reduce message length leaks (fixes tari-project#4140) (tari-project#4362) fix(wallet): update seed words for output manager tests (tari-project#4379)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Wallet database field key-value entries are secured in place: AES-GCM is used to encrypt values, with keys left in the clear. However, the value encryption does not bind this operation to the field key. An attacker could replace these values with other encrypted values taken from elsewhere in the database (or otherwise encrypted using the same AES-GCM key) without detection.
One mitigation is to use the field key as associated data passed to the encryption and decryption operations.
The text was updated successfully, but these errors were encountered: