[SERVER-63814] Audit Encryption IVs only use 8 bytes of available 12 bytes Created: 18/Feb/22  Updated: 06/Dec/22  Resolved: 22/Feb/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Shreyas Kalyan Assignee: Backlog - Security Team
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Participants:

 Description   

The audit encryption IVs increment the IVs using the initialization count and the invocation count from the Symmetric Key. It uses the initialization count as the first 4 bytes of the IV and the invocation count as the last 8 bytes. The initialization count never increments throughout the process, which means that we are not using the first four bytes, leading the number of audit logs that are allowed to be encrypted to be 2^64 instead of 2^96.


Generated at Thu Feb 08 05:58:44 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.