In the current solidpod implementation, data is encrypted using AESMode.sic is CTR mode. CTR is malleable: flipping a bit in ciphertext flips the same bit in the decrypted plaintext, and decryption succeeds silently. Furthermore, there is no MAC, no GCM tag, no AEAD anywhere in solidpod.
In the current
solidpodimplementation, data is encrypted usingAESMode.sicis CTR mode. CTR is malleable: flipping a bit in ciphertext flips the same bit in the decrypted plaintext, and decryption succeeds silently. Furthermore, there is no MAC, no GCM tag, no AEAD anywhere insolidpod.