It was pointed out to me that Cloak supports both GCM mode and CTR mode. Since GCM mode is the more secure choice of the two (CTR is unauthenticated, and thus susceptible to malleability attacks), I wonder if it's worth including a recommendation to use GCM mode in both this project, and cloak_ecto?
I understand that you're probably not in a position to remove CTR support, for backwards compatibility reasons, but how do you feel about logging deprecation warnings if you detect CTR being configured? Since Cloak makes it easy to re-encrypt data with a new cipher, I think you'd be able to provide a nice migration path toward people securing their data more effectively.
Either way, thanks for the great library :)
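The difference between the two modes that the issue describes, as an added example that is not part of the original issue or of Cloak's code: it calls Erlang's `:crypto` directly (OTP 22 or later assumed), and the module name, key, IVs, AAD and plaintext are constructed sample values.

```elixir
# Added example, not Cloak's code. Compares how AES-CTR and AES-GCM behave
# when stored ciphertext is modified before decryption.
defmodule ModeComparison do
  # Constructed associated data; any fixed value works for the comparison.
  @aad "example-aad"

  # Flip the low bit of the byte at `index`, standing in for any change made
  # to the ciphertext by someone who does not hold the key.
  def flip_bit(bin, index) do
    <<head::binary-size(index), byte, tail::binary>> = bin
    <<head::binary, :erlang.bxor(byte, 1), tail::binary>>
  end

  # CTR: decryption always "succeeds"; there is no integrity check.
  def ctr_roundtrip_after_tamper(key, iv, plaintext, index) do
    ct = :crypto.crypto_one_time(:aes_256_ctr, key, iv, plaintext, true)
    tampered = flip_bit(ct, index)
    :crypto.crypto_one_time(:aes_256_ctr, key, iv, tampered, false)
  end

  # GCM: the authentication tag is verified before any plaintext is returned.
  def gcm_roundtrip_after_tamper(key, iv, plaintext, index) do
    {ct, tag} =
      :crypto.crypto_one_time_aead(:aes_256_gcm, key, iv, plaintext, @aad, true)

    tampered = flip_bit(ct, index)
    :crypto.crypto_one_time_aead(:aes_256_gcm, key, iv, tampered, @aad, tag, false)
  end
end

# Constructed sample inputs.
key = :crypto.strong_rand_bytes(32)
plaintext = "balance=100"

ctr =
  ModeComparison.ctr_roundtrip_after_tamper(
    key, :crypto.strong_rand_bytes(16), plaintext, 10)

gcm =
  ModeComparison.gcm_roundtrip_after_tamper(
    key, :crypto.strong_rand_bytes(12), plaintext, 10)

IO.inspect(ctr, label: "CTR decrypt of tampered ciphertext")
IO.inspect(gcm, label: "GCM decrypt of tampered ciphertext")
```

The CTR call returns a plaintext that differs from the original with no indication that anything changed, while `:crypto.crypto_one_time_aead/7` returns `:error` because the tag no longer verifies.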