Comment 3 for bug 1606419

Robert Clark (robert-clark) wrote :

The statement that "CBC is intended as a stream cipher" is contrary to my understanding. CFB, OFB and CTR are all typically used as stream modes with AES. CBC is a block cipher mode; it is often used with network technologies like TLS, which is why it is sometimes misidentified as a stream cipher. However, TLS using AES-CBC still has to transmit entire blocks, even if the data does not fill a block. This results in padding of the block, which can in some implementations result in issues like Poodle.

I'd agree that this is a class D issue. I was once told that "There is no encryption without authentication", which in this context basically means that "AES-GCM" might be a better solution; it's hard to say without knowing a lot more about Trove.

Authentication (which could be done with CBC-MAC) aside, I don't see any significant issues with using CBC here; I do not believe it puts users at any significant risk.
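
The following is an added example, not part of the comment above and not Trove code. It uses Go's standard library to show the two points the comment makes: AES-CBC pads output to whole blocks while a stream mode such as CTR does not, and AES-GCM rejects a ciphertext that was modified in transit. The key, IV and message are constructed sample values, and the function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed sample key and IV, fixed only so the output is reproducible.
// Real use needs a random key and a fresh IV/nonce for every message.
var key = bytes.Repeat([]byte{0x11}, 32) // valid AES-256 key length, so errors below are ignored
var iv = bytes.Repeat([]byte{0x22}, aes.BlockSize)

// cbcLen returns the AES-CBC ciphertext length for msg after PKCS#7 padding.
func cbcLen(msg []byte) int {
	block, _ := aes.NewCipher(key)
	pad := aes.BlockSize - len(msg)%aes.BlockSize // always 1..16 bytes of padding
	padded := append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return len(out)
}

// ctrLen returns the AES-CTR ciphertext length for msg; no padding is needed.
func ctrLen(msg []byte) int {
	block, _ := aes.NewCipher(key)
	out := make([]byte, len(msg))
	cipher.NewCTR(block, iv).XORKeyStream(out, msg)
	return len(out)
}

// gcmRoundTrip seals msg with AES-GCM, optionally flips one ciphertext bit,
// and reports the sealed length and whether Open accepted the result.
func gcmRoundTrip(msg []byte, tamper bool) (int, bool) {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	nonce := iv[:aead.NonceSize()]
	ct := aead.Seal(nil, nonce, msg, nil) // ciphertext followed by a 16-byte tag
	if tamper {
		ct[0] ^= 0x01
	}
	_, err := aead.Open(nil, nonce, ct, nil)
	return len(ct), err == nil
}

func main() {
	msg := []byte("trove-secret") // 12 bytes, constructed
	fmt.Println("CBC:", cbcLen(msg), "CTR:", ctrLen(msg))
	n, ok := gcmRoundTrip(msg, true)
	fmt.Println("GCM:", n, "accepted after modification:", ok)
}
```

A message that is already a multiple of 16 bytes still gains a full block of padding under CBC, which is why the CBC length is never equal to the plaintext length.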