Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #44081 Internal symmetric cryptographic API should be resistant against Invisible Salamanders / Confused Deputies attacks
    Infos
    #44081
    Thomas Gerbet (tgerbet)
    2026-01-26 17:52
    2025-08-05 17:33
    45821
    Details
    Internal symmetric cryptographic API should be resistant against Invisible Salamanders / Confused Deputies attacks

    In it's current form the our internal API does not make possible to prevent this sort of attack from happening, it should.

    References:
    https://eprint.iacr.org/2019/016
    https://soatok.blog/2023/03/01/database-cryptography-fur-the-rest-of-us/

    Other
    All
    Empty
    • [ ] enhancement
    • [x] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2026-01-26
    Attachments
    Empty
    References
    Referenced by request #44081

    Artifact

    rel #46324 17.3
    Display settings

    Follow-ups