Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-63814

Audit Encryption IVs only use 8 bytes of available 12 bytes

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Won't Fix
    • Icon: Major - P3 Major - P3
    • None
    • None
    • None
    • None
    • Server Security

    Description

      The audit encryption IVs increment the IVs using the initialization count and the invocation count from the Symmetric Key. It uses the initialization count as the first 4 bytes of the IV and the invocation count as the last 8 bytes. The initialization count never increments throughout the process, which means that we are not using the first four bytes, leading the number of audit logs that are allowed to be encrypted to be 2^64 instead of 2^96.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            shreyas.kalyan@mongodb.com Shreyas Kalyan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: