qiyuangong
commented
2 years ago Open qiyuangong opened 2 years ago
qiyuangong
commented
2 years ago qiyuangong
commented
2 years ago Need to refine these hard coded value
qiyuangong
commented
2 years ago Default Hmac for AES-256 CBC is SHA256. Default Hamc for AES GCM is "". https://docs.oracle.com/javase/8/docs/api/javax/crypto/Mac.html
qiyuangong
commented
2 years ago Issue addressed by #4968 and #5023
qiyuangong
commented
2 years ago qiyuangong
commented
2 years ago qiyuangong
commented
2 years ago Get bytes from string is not a good idea. Entropy is less than pure bytes. https://github.com/intel-analytics/BigDL/blob/main/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/crypto/BigDLEncrypt.scala#L56
Need to byte->base64->byte.
qiyuangong
commented
2 years ago Remove magic numbers in code. May them changeable, add default value.
val signingKey = Arrays.copyOfRange(secret, 0, 16)
val encryptKey = Arrays.copyOfRange(secret, 16, 48)
val r = new SecureRandom()
initializationVector = Array.tabulate(16)(_ => (r.nextInt(256) - 128).toByte)
SDL no longer recommend AES 128/192. Need to change to 256 for AES default key length.
Note: AES-256 is required because use of AES-128 or AES-192 exposes the implementation to pre-computation attacks, reducing the security below the target of 128-bits of security.