Bug #15086 | use AES in CBC mode with init-vector by default | ||
---|---|---|---|
Submitted: | 20 Nov 2005 21:48 | Modified: | 14 Jan 2020 9:16 |
Reporter: | Ralf Hauser | Email Updates: | |
Status: | Won't fix | Impact on me: | |
Category: | MySQL Server: DML | Severity: | S4 (Feature request) |
Version: | all | OS: | Any (all) |
Assigned to: | CPU Architecture: | Any |
[20 Nov 2005 21:48]
Ralf Hauser
[20 Nov 2005 21:54]
Ralf Hauser
see also http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html
[22 Nov 2005 11:43]
Sergei Golubchik
CBC sounds reasonable, though I don't know how it could be done without forcing everybody to re-encrypt the data. We'll think about it. IV - well, users don't seem to like when two calls to the same function with the same arguments produce different results. In CBC, if one cares, random IV could be easily emulated by adding random block to the beginning of the data.
[29 Mar 2014 10:04]
Daniƫl van Eeden
This might be fixed http://mysqlserverteam.com/understand-and-satisfy-your-aes-encryption-needs-with-5-6-17/
[14 Jan 2020 9:16]
Georgi Kodinov
Posted by developer: The possibility to specify different blocking modes was added quite some time ago: http://mysqlserverteam.com/understand-and-satisfy-your-aes-encryption-needs-with-5-6-17/ And I don't think the default should be changed for the reasons mentioned in the blog post: backward compatibility. Thus closing the FR.