  1. Core Server
  2. SERVER-59937

Verify the encrypted audit log IVs have correct sequence

Details

    • Type: Task
    • Resolution: Fixed
    • Priority: Major - P3
    • 5.1.0-rc0
    • Fully Compatible
    • Security 2021-09-20, Security 2021-10-04, Security 2021-10-18

    Description

      The audit log encryption feature uses an incrementing IV counter when encrypting each log line. This counter serves as an integrity check on the sequence of each individual log line, so that we can verify that no lines have been removed or swapped in the middle of the audit log file.

      mongoauditdecrypt should have a way of checking the IVs are monotonically increasing by 1 every time it decrypts a log line, and fail when a log line does not have the expected IV.
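
      The check described above, as an added example that is not code from MongoDB or mongoauditdecrypt. It assumes each line's IV is a fixed-width big-endian counter supplied as hex; the names `verifyIVSequence` and `incrementIV` and the sample IVs are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

using IV = std::vector<std::uint8_t>;

// Assumption: each record's IV is a fixed-width big-endian counter, given here
// as hex. The width and encoding are illustrative, not taken from the issue.
IV parseHexIV(const std::string& hex) {
    IV out;
    for (std::size_t i = 0; i + 1 < hex.size(); i += 2)
        out.push_back(static_cast<std::uint8_t>(std::stoul(hex.substr(i, 2), nullptr, 16)));
    return out;
}

// Adds 1 in place, carrying across bytes. Returns false if the counter wraps.
bool incrementIV(IV& iv) {
    for (std::size_t i = iv.size(); i-- > 0;)
        if (++iv[i] != 0) return true;  // no carry out of this byte
    return false;
}

enum class Seq { Ok, Ahead, Behind, Malformed };
struct SeqResult { Seq status; std::size_t line; };  // line: first bad index

// Fails closed on the first IV that is not exactly previous + 1.
SeqResult verifyIVSequence(const std::vector<std::string>& hexIVs) {
    if (hexIVs.empty()) return {Seq::Ok, 0};
    IV expected = parseHexIV(hexIVs[0]);
    for (std::size_t i = 1; i < hexIVs.size(); ++i) {
        IV got = parseHexIV(hexIVs[i]);
        if (got.size() != expected.size() || !incrementIV(expected))
            return {Seq::Malformed, i};
        if (got == expected) continue;
        // Equal-length big-endian vectors compare numerically.
        return {got > expected ? Seq::Ahead : Seq::Behind, i};
    }
    return {Seq::Ok, hexIVs.size()};
}

int main() {
    // Constructed sample: IVs of four consecutive lines, then with one removed.
    std::vector<std::string> intact = {"000000fe", "000000ff", "00000100", "00000101"};
    std::vector<std::string> cut = {"000000fe", "000000ff", "00000101"};
    std::cout << (verifyIVSequence(intact).status == Seq::Ok) << " "
              << verifyIVSequence(cut).line << "\n";
    return 0;
}
```

      A consecutive-IV check cannot by itself notice lines cut from the end of the file, since the remaining prefix is still a valid sequence.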

          People

            erwin.pe@mongodb.com Erwin Pe