
Re: ePO Encryption Algorithm

Hi again,

I have a few more in-depth questions.

1. What is the encryption algorithm used in the application? What is the purpose of the encryption?

E.g.: If the encryption algorithm is AES (128, 256), Triple DES, what is the purpose of the encryption? Is the purpose to encrypt user login details in the database server?

2. What is the hashing algorithm used?

Triple DES, yes?

3. Where is the key store at?

c:\programdata\mcafee\agent\keystore. There are a lot of key files in it. Which is the main key and how do I view it? Something I am able to provide as proof to my security auditor.

4. How is each key unique to each installation of ePO? By just the license key? Or is it the system SSID and the time and date it was installed that make it unique and secure?

 

McAfee Employee
Message 12 of 16

Re: ePO Encryption Algorithm

1. What is the encryption algorithm used in the application? What is the purpose of the encryption?

E.g.: If the encryption algorithm is AES (128, 256), Triple DES, what is the purpose of the encryption? Is the purpose to encrypt user login details in the database server?

There are several different places certificates are used. Browser cert to validate the ePO server is who it says it is, Apache to Tomcat for secure communication between Apache and Tomcat, and Apache certs for secure communication between Apache and the clients. Database encryption is not enabled by default, so that has to be configured by the customer. See KB84628.

2. What is the hashing algorithm used?

Triple DES, yes?

That was already answered - AES (128, 256), Triple DES

3. Where is the key store at?

c:\programdata\mcafee\agent\keystore. There are a lot of key files in it. Which is the main key and how do I view it? Something I am able to provide as proof to my security auditor.

You don't view them; they are unique to each system and server. You can view the cabundle.cer in C:\ProgramData\McAfee\Agent as you would any certificate.

4. How is each key unique to each installation of ePO? By just the license key? Or is it the system SSID and the time and date it was installed that make it unique and secure?

When ePO is installed on a server, a unique private server key is generated for that install. All subsequent certificates are generated and signed by that private key. So an agent key signed by that root ePO key cannot communicate with another ePO server with a different key.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
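
Following the reply's pointer to cabundle.cer, this added PowerShell example (not part of the thread and not McAfee code) lists the certificate details an auditor typically asks for from that file. The function name `Get-BundleCertificate` is hypothetical, and the script assumes the file is either a PEM bundle or a single DER-encoded certificate.

```powershell
# Added example, not McAfee code. The path is the one named in the reply above.
$bundlePath = 'C:\ProgramData\McAfee\Agent\cabundle.cer'

# Hypothetical helper: emits one X509Certificate2 per certificate found in the file.
function Get-BundleCertificate {
    param([Parameter(Mandatory)][string]$Path)

    $text  = Get-Content -LiteralPath $Path -Raw
    $pem   = '-----BEGIN CERTIFICATE-----(?<b64>[\s\S]+?)-----END CERTIFICATE-----'
    $found = [regex]::Matches($text, $pem)

    if ($found.Count -gt 0) {
        # PEM bundle: decode every block, so no certificate in the file is skipped.
        foreach ($m in $found) {
            $der = [Convert]::FromBase64String(($m.Groups['b64'].Value -replace '\s', ''))
            [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
        }
    } else {
        # Assumption: without PEM markers the file is one DER-encoded certificate.
        $der = [System.IO.File]::ReadAllBytes($Path)
        [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
    }
}

$sha256 = [System.Security.Cryptography.SHA256]::Create()

Get-BundleCertificate -Path $bundlePath | ForEach-Object {
    # GetRSAPublicKey returns $null for non-RSA keys instead of throwing.
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($_)

    [pscustomobject]@{
        Subject            = $_.Subject
        Issuer             = $_.Issuer
        SelfSigned         = ($_.Subject -eq $_.Issuer)
        NotBefore          = $_.NotBefore
        NotAfter           = $_.NotAfter
        SignatureAlgorithm = $_.SignatureAlgorithm.FriendlyName
        PublicKeyAlgorithm = $_.PublicKey.Oid.FriendlyName
        RsaKeyBits         = if ($rsa) { $rsa.KeySize } else { $null }
        Sha256Fingerprint  = [BitConverter]::ToString($sha256.ComputeHash($_.RawData)) -replace '-', ''
    }
} | Format-List

$sha256.Dispose()
```

The output contains public certificate data only; the private key files in the keystore folder are not read.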

Re: ePO Encryption Algorithm

Hi,

Back to the Triple DES algorithm.

Do you happen to know the key size for it?
56, 112, 168

For the McAfee EPO application, is the password encryption using AES 256 with 3DES or just AES 256?

McAfee Employee
Message 14 of 16

Re: ePO Encryption Algorithm

In previous versions, the algorithm that was used was 3DES; from 4.6 onward, it is AES 256. So I guess we no longer use 3DES.


Re: ePO Encryption Algorithm

Would like to seek your clarification on the below:

Understand that the Encryption Key for EPO is stored at %McAfee\ePolicy Orchestrator\Server\keystore\server.keystore

 

Is the EPO portal using the key during EPO portal Login Authentication for encryption/decryption?

1. Please briefly explain how the encryption process works for stored passwords in the database during EPO portal Login Authentication.

2. What encryption algorithm (i.e. AES-256) is used for stored passwords in the database during EPO portal Login Authentication?

3. What hashing algorithm (i.e. SHA-256) is used for stored passwords in the database during EPO portal Login Authentication?

McAfee Employee
Message 16 of 16

Re: ePO Encryption Algorithm

2. What encryption algorithm (i.e. AES-256) is used for stored passwords in the database during EPO portal Login Authentication?

As already stated, we use AES-256, but passwords use a hard-coded obfuscation key with a key that is unique for each install, which is used for the database password stored in server\conf\orion\db.properties and the value in the database for users.
This key is generated and inserted into the registry by the installer for clean installs and upgrades, and the key is protected by ACL defined by the installer.

3. What hashing algorithm (i.e. SHA-256) is used for stored passwords in the database during EPO portal Login Authentication?

All passwords stored in the database are salted with a unique obfuscation key, as stated.  That obfuscation method is not available for us to share.
