OFBiz OFBiz - User

encrypted entity data is insecure?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Chris Snow-3
Reply | Threaded
Open this post in threaded view
|

encrypted entity data is insecure?

Chris Snow-3
It looks as though no salt data is used when saving encrypted entity
data making the stored data susceptible to dictionary attacks, for
details see:

http://en.wikipedia.org/wiki/Salt_(cryptography)
Chris Snow-3
Reply | Threaded
Open this post in threaded view
|

Re: encrypted entity data is insecure?

Chris Snow-3
Jira raised:

https://issues.apache.org/jira/browse/OFBIZ-3006


> It looks as though no salt data is used when saving encrypted entity
> data making the stored data susceptible to dictionary attacks, for
> details see:
>
> http://en.wikipedia.org/wiki/Salt_(cryptography)
>
>

Free forum by Nabble Edit this page