Bug #15086 use AES in CBC mode with init-vector by default
Submitted: 20 Nov 2005 21:48 Modified: 14 Jan 2020 9:16
Reporter: Ralf Hauser Email Updates:
Status: Won't fix Impact on me:
None 
Category:MySQL Server: DML Severity:S4 (Feature request)
Version:all OS:Any (all)
Assigned to: CPU Architecture:Any

[20 Nov 2005 21:48] Ralf Hauser 
Description:
The currently used ECB is really bad when chosen plaintext attacks are possible - which is often the case in databases with often only short fields.

How to repeat:
always

Suggested fix:
Therefore CBC should be the default.

The mysql AES-implementation should always choose an initializationvectory by itself and for example place it as the first 16 bytes of the field.
(similar to the salt concatenation as is done for gnu-crypted passwords already as in http://bugs.mysql.com/bug.php?id=784)
[20 Nov 2005 21:54] Ralf Hauser 
see also http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html
[22 Nov 2005 11:43] Sergei Golubchik 
CBC sounds reasonable, though I don't know how it could be done without forcing everybody to re-encrypt the data. We'll think about it.
IV - well, users don't seem to like when two calls to the same function with the same arguments produce different results. In CBC, if one cares, random IV could be easily emulated by adding random block to the beginning of the data.
[29 Mar 2014 10:04] Daniƫl van Eeden 
This might be fixed

http://mysqlserverteam.com/understand-and-satisfy-your-aes-encryption-needs-with-5-6-17/
[14 Jan 2020 9:16] Georgi Kodinov 
Posted by developer:
 
The possibility to specify different blocking modes was added quite some time ago: http://mysqlserverteam.com/understand-and-satisfy-your-aes-encryption-needs-with-5-6-17/

And I don't think the default should be changed for the reasons mentioned in the blog post: backward compatibility.
Thus closing the FR.