Skip to content

Do not use AES in CBC mode for encrypting the username in Cookies #453

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
jkakavas opened this issue Sep 11, 2017 · 2 comments
Open

Do not use AES in CBC mode for encrypting the username in Cookies #453

jkakavas opened this issue Sep 11, 2017 · 2 comments
Labels
security

Comments

@jkakavas
Copy link
Member

We currently use AES CBC by default in order to encrypt the username of the authenticated users in the encrypted session cookies. AES CBC protects only confidentiality and not the integrity ( authenticity ) and an attacker could be able to modify the encrypted value in order to authenticate as any other user.

We should use authenticated encryption instead
@007
Copy link

007 commented Jan 8, 2018

This may be as easy as specifying MODE_GCM as the default for https://github.com/rohe/pysaml2/blob/bc6d4cdacd0f66a68c2b0f7bdf9856387776dce8/src/saml2/aes.py#L31 and related calls in that file.

Commenting here as a pointer for anyone looking to implement, as well as for my own ToDo list.

@peppelinux
Copy link
Member

luckily I use cookies inside a wrapper (django) to manage user sessions. I hope this topic has already had a follow up given its delicacy

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@007 @peppelinux @jkakavas