[Node v8.9.4] Warning: Use Cipheriv for counter mode of aes-256-ctr
Closed this issue · 9 comments
I am also noticing this with Node v8.9.4
Taken from nodejs/node 16746
It's in the warning: use crypto.createCipheriv(), not crypto.createCipher().
I take it we'll need to patch here: connect-memcached/lib/connect-memcached.js, line 202 in 33f19c2
@balor LMK if you'd like a PR
@chrisiona please do so, it'll definitely motivate me for a new minor release :)
Any news about this?
Ok, found a little time to work on it.
You get the warning because the default algorithm for crypto is aes-256-ctr, which is a counter mode (-ctr), and use of these kinds of algorithms together with the createCipher function renders security inefficiency, as the same initialization vector is used every time. To be honest this case shouldn't be possible, but somehow the node crypto module allowed it and now they're trying to fix broken (cryptographically) code by prompting the warning.
It seems that the reasonable fix is to replace createCipher with createCipheriv and generate a random iv each time, but that will render current session data incompatible.
The second option is to do a trick similar to this one, which tries to differentiate corrupted sessions and use the old function on them exclusively. I'm not a big fan of such solutions, to be honest.
Finally, if you really want to fix the security problem, you want not only to use the new function but to completely replace the session store with properly encoded data.
What do you think? Feedback needed :)
All right, decided I'll go with the first option, use createCipheriv exclusively and bump the major version to 1.0.0 as this will be a breaking change.
Concretely, if you're using encryption, after upgrading to 1.0.0 old session data will become unreadable. The positive side of this approach is cleaner code and security consistency on designated session data.
I'll try to finish everything by the end of this week.