Details
Task
Resolution: Fixed
Major - P3
Server Security
Fully Compatible
Security 2023-02-20, Security 2023-03-06
Description
Change from CTR cipher mode to CBC cipher mode for encrypting the user data. The final cipher in use will be AES-256-CBC with AEAD provided by HMAC-SHA-256. This is not the same as the FLE 1 algorithm, which took half of SHA-512 for AEAD.
This impacts kFLE2EqualityIndexedValueV2 and kFLE2RangeIndexedValueV2. Also, a new unindexed encrypted value type will be needed that uses CBC.
In the server code, only the QE code that calls encryptDataWithAssociatedData is affected by this change.
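As an added illustration (not the server's code and not the FLE2 wire format), this Go sketch shows the general shape of the construction the ticket names: AES-256-CBC encryption authenticated, together with associated data, by HMAC-SHA-256, with the tag checked before any decryption. The Keys type, the Seal and Open names, PKCS#7 padding, the untruncated 32-byte tag, the IV || ciphertext || tag output and the MAC input layout are all assumptions made for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

type Keys struct{ Enc, Mac [32]byte } // independent 256-bit keys; derivation is out of scope (assumed)
// tag is HMAC-SHA-256 over AD || IV || ciphertext || 64-bit bit length of AD (assumed layout).
func (k *Keys) tag(ad, ivCT []byte) []byte {
	m := hmac.New(sha256.New, k.Mac[:])
	m.Write(bytes.Join([][]byte{ad, ivCT, binary.BigEndian.AppendUint64(nil, uint64(len(ad))*8)}, nil))
	return m.Sum(nil)
}
// Seal returns IV || AES-256-CBC(PKCS#7(pt)) || tag (encrypt-then-MAC).
func (k *Keys) Seal(ad, pt []byte) ([]byte, error) {
	blk, _ := aes.NewCipher(k.Enc[:]) // cannot fail: key is exactly 32 bytes
	buf := make([]byte, aes.BlockSize)
	if _, err := rand.Read(buf); err != nil { // fresh random IV per message
		return nil, err
	}
	pad := aes.BlockSize - len(pt)%aes.BlockSize
	buf = append(append(buf, pt...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	cipher.NewCBCEncrypter(blk, buf[:16]).CryptBlocks(buf[16:], buf[16:])
	return append(buf, k.tag(ad, buf)...), nil
}
// Open verifies the tag in constant time before decrypting or inspecting padding.
func (k *Keys) Open(ad, msg []byte) ([]byte, bool) {
	n := len(msg) - sha256.Size // length of IV || ciphertext
	if n < 2*aes.BlockSize || n%aes.BlockSize != 0 || !hmac.Equal(msg[n:], k.tag(ad, msg[:n])) {
		return nil, false
	}
	blk, _ := aes.NewCipher(k.Enc[:])
	pt := make([]byte, n-aes.BlockSize)
	cipher.NewCBCDecrypter(blk, msg[:16]).CryptBlocks(pt, msg[16:n])
	if pad := int(pt[len(pt)-1]); pad >= 1 && pad <= aes.BlockSize {
		return pt[:len(pt)-pad], true
	}
	return nil, false
}
func main() {
	ct, _ := new(Keys).Seal([]byte("doc-id"), []byte("hello")) // constructed all-zero demo keys
	fmt.Println(new(Keys).Open([]byte("doc-id"), ct))
}
```

Because the MAC covers the associated data and the IV as well as the ciphertext, a value moved under different associated data or altered in any byte is rejected before the CBC padding is ever examined.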