This issue was reported in the Kubernetes Security Audit Report
Description
The cryptographic recommendations in the official documentation are not accurate, and may lead users to make unsafe choices with their Kubernetes encryption configuration.
https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/
The default encryption option for users should be SecretBox. It is more secure and efficient than AES-CBC. Users should be encouraged to use KMS whenever possible. We believe these should be the only two options available to users. AES-GCM is secure, but as the docs point out, requires frequent key rotation to avoid nonce reuse attacks.
Finally, AES-CBC is vulnerable to padding oracle attacks and should be deprecated. While Kubernetes doesn't lend itself to a padding oracle attack, AES-CBC being the recommended algorithm both spreads misconceptions about cryptographic security and promotes a strictly worse choice than SecretBox.
Exploit Scenario
Alice configures an EncryptionConfiguration following the Kubernetes official documentation. Due to the lack of correctness in regards to best practices, Alice is misled and uses the wrong encryption provider.
Recommendation
Short term, default to the use of the SecretBox provider.
Long term, revise the documentation regarding the available EncryptionConfiguration providers and ensure the documentation follows up-to-date best practices. The updated table included in Appendix G should be used as a replacement for the existing table.
Anything else we need to know?:
See #81146 for current status of all issues created from these findings.
The vendor gave this issue an ID of TOB-K8S-029 and it was finding 19 of the report.
The vendor considers this issue Medium Severity.
To view the original finding, begin on page 57 of the Kubernetes Security Review Report.
Environment:
- Kubernetes version: 1.13.4
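The configuration the recommendation above points to, as an added example that is not part of the issue, the audit report or the Kubernetes documentation: an EncryptionConfiguration that writes with the secretbox provider while keeping the legacy aescbc key readable only for the duration of a migration. The key values are placeholders, not real key material.

```yaml
# Added example (not from the audit report or the Kubernetes docs).
# Key values below are PLACEHOLDERS. Generate a real 32-byte secretbox key with
#   head -c 32 /dev/urandom | base64
# and point kube-apiserver at this file with --encryption-provider-config.
apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
  - resources:
      - secrets
    providers:
      # The first provider is the one used for writes, so every new or
      # re-written Secret is encrypted with secretbox (XSalsa20-Poly1305,
      # key must be exactly 32 bytes, base64-encoded here).
      - secretbox:
          keys:
            - name: key1
              secret: "PLACEHOLDER_BASE64_32_BYTE_KEY"
      # Legacy provider, kept only so Secrets still encrypted with AES-CBC
      # can be read while they are re-written. Remove this entry (and the
      # key) once the migration has finished.
      - aescbc:
          keys:
            - name: key1
              secret: "PLACEHOLDER_BASE64_LEGACY_KEY"
      # Reads any Secret that was stored in plaintext before encryption was
      # enabled. Never list identity first: writes would go out unencrypted.
      - identity: {}
```

After restarting the API server with the new file, re-write every Secret so it is stored under secretbox (`kubectl get secrets --all-namespaces -o json | kubectl replace -f -`); only then drop the aescbc entry.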