-
Enhancement
-
Resolution: Unresolved
-
P3
-
8, 11, 15
A DESCRIPTION OF THE PROBLEM :
AES-GCM-SIV offers an alternative to AES-GCM with improved nonce collision resistance, thus making it more suitable for AEAD scenarios where a random nonce is used than existing solutions such as AES-GCM. It is ideal to have modern ciphers like AES-GCM-SIV in the JRE itself rather than having them be provided by an external provider such as BouncyCastle or Conscrypt so that libraries authors who wish to add encryption can make use of the cipher without adding a dependency on an external provider.
This cipher is particularly useful for application-layer encryption scenarios.
Ideally, this cipher addition would be backported to 11 and 8 as well, to ensure that even newly written crypto code can work with existing systems. For many operators it is practical to continue running on Java 8 or 11, but crypto improvements need to continue happening.
AES-GCM-SIV offers an alternative to AES-GCM with improved nonce collision resistance, thus making it more suitable for AEAD scenarios where a random nonce is used than existing solutions such as AES-GCM. It is ideal to have modern ciphers like AES-GCM-SIV in the JRE itself rather than having them be provided by an external provider such as BouncyCastle or Conscrypt so that libraries authors who wish to add encryption can make use of the cipher without adding a dependency on an external provider.
This cipher is particularly useful for application-layer encryption scenarios.
Ideally, this cipher addition would be backported to 11 and 8 as well, to ensure that even newly written crypto code can work with existing systems. For many operators it is practical to continue running on Java 8 or 11, but crypto improvements need to continue happening.