[Esapi-dev] HMAC validation bypass in ESAPI Symetric Encryption

Kevin W. Wall kevin.w.wall at gmail.com
Wed Dec 4 00:37:23 UTC 2013

Bouncy Castle has supported them at least since early ESAPI 2.0RC days.
Oracle started supporting them in SunJCE in JDK 7. So, I guess the answer
is YMMV. IMO, it's still too early to make them the ESAPI defaults, but
IMO, if you can use them, you should. Based on feedback from professional
cryptographers, I'd probably recommend CCM over GCM as the latter is a bit
"twitchy" and much harder to eliminate timing side channels. Consult with
the crypto policies of your company and/or local company crypto guru before
making any changes though.

Sent from my Droid; please excuse typos.
On Dec 3, 2013 5:11 PM, "Jim Manico" <jim.manico at owasp.org> wrote:

> > In the meantime, or actually I should say regardless, I would recommend
> > using CCM or GCM cipher modes rather than CBC mode.
> Are these supported well enough today? Google KeyCzar is still using CBC
> mode...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-dev/attachments/20131203/1bc3f35d/attachment.html>

More information about the Esapi-dev mailing list