-
Type: Improvement
-
Resolution: Won't Fix
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Server Security
The audit encryption IVs increment the IVs using the initialization count and the invocation count from the Symmetric Key. It uses the initialization count as the first 4 bytes of the IV and the invocation count as the last 8 bytes. The initialization count never increments throughout the process, which means that we are not using the first four bytes, leading the number of audit logs that are allowed to be encrypted to be 2^64 instead of 2^96.