New CloudStack Database Encryption Engine l CloudStack Feature Deep Dive
Introduction As part of its security capabilities, Apache CloudStack encrypts sensitive information such as user credentials and passwords. For over a decade, Apache CloudStack has used the StandardPBEStringEncryptor from the jasypt library to encrypt data. However, the encryption algorithm used by this library, “PBEWithMD5AndDes” is now considered insecure because it relies on outdated cryptographics, namely the MD5 hash function and the DES encryption cipher, which has only a 56-bit key length. To improve the security of Apache CloudStack, it is recommended to use a more modern and secure encryption algorithm, such as AES-GCM . AES-GCM is a mode of operation […]