20679 – AES keys should not be tied to CTR or CBC

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 20679 - AES keys should not be tied to CTR or CBC

Summary: AES keys should not be tied to CTR or CBC

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Web Cryptography
Classification:	Unclassified
Component:	Web Cryptography API Document (show other bugs)
Version:	unspecified
Hardware:	PC All

Importance:	P2 normal
Target Milestone:	---
Assignee:	David Dahl
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2013-01-15 20:32 UTC by Mark Watson
Modified:	2013-01-21 16:14 UTC (History)
CC List:	1 user (show)

See Also:

Attachments

Description Mark Watson 2013-01-15 20:32:48 UTC

Presently, the API allows import or generation of AES keys using the "AES-CTR" or "AES-CBC" algorithms. However the AES mode is not really a property of the key.

Consider removing the generateKey operation from AES-CTR and AES-CBC and defining a new algorithm, "AES", supporting generateKey, importKey and exportKey.

Comment 1 Ryan Sleevi 2013-01-21 16:14:13 UTC

This is a design choice, not a defect.

The re-use of an AES key in multiple modes of operation can be fatal to the underlying security guarantees. A key used to protect or unprotect data with a particular algorithm should not be reused for any other algorithms. See also the discussion of Key Tainting.