Applications in general should avoid use of insecure or weak cryptographic primitives. Security-related applications must avoid use of insecure or weak cryptographic primitives. The computational capacity of modern computers permits circumvention of such cryptography via brute-force attacks. For example, the Data Encryption Standard (DES) encryption algorithm is considered highly insecure; messages encrypted using DES have been decrypted by brute force within a single day by machines such as the Electronic Frontier Foundation's (EFF) Deep Crack.

Noncompliant Code Example

...

This compliant solution uses the more secure Advanced Encryption Standard (AES) algorithm to perform the encryption. Decryption follows similar logic and has been omitted from this discussion.

...
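The contrast described above, as an added example that is not the page's own code: a DES call of the kind the rule warns against, next to AES encryption using the standard `javax.crypto` API. The class and method names, the 256-bit key size and the choice of GCM mode are assumptions made for this illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;

// Hypothetical class name; illustration only.
public class CipherChoice {
    static final int GCM_IV_BYTES = 12;   // 96-bit nonce, the usual size for GCM
    static final int GCM_TAG_BITS = 128;  // full-length authentication tag

    // Weak: DES has a 56-bit effective key, which is what makes brute force feasible.
    static byte[] encryptDes(byte[] plaintext) throws GeneralSecurityException {
        SecretKey key = KeyGenerator.getInstance("DES").generateKey();
        Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return cipher.doFinal(plaintext);
    }

    // Stronger: AES in GCM mode (mode is an assumption of this example).
    // A fresh random nonce is generated per message and prepended to the output.
    static byte[] encryptAes(SecretKey key, byte[] plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[GCM_IV_BYTES];
        new SecureRandom().nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(GCM_TAG_BITS, iv));
        byte[] ciphertext = cipher.doFinal(plaintext);   // ciphertext followed by the tag
        byte[] out = Arrays.copyOf(iv, iv.length + ciphertext.length);
        System.arraycopy(ciphertext, 0, out, iv.length, ciphertext.length);
        return out;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample input.
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        KeyGenerator aesKeyGen = KeyGenerator.getInstance("AES");
        aesKeyGen.init(256);                             // key size is an assumption
        SecretKey aesKey = aesKeyGen.generateKey();

        System.out.println("DES output bytes: " + encryptDes(msg).length);
        System.out.println("AES key bits: " + aesKey.getEncoded().length * 8);
        System.out.println("AES-GCM output bytes: " + encryptAes(aesKey, msg).length);
    }
}
```

As in the text above, decryption is omitted; it would split off the first 12 bytes as the nonce and call `Cipher.init` with `Cipher.DECRYPT_MODE` and the same `GCMParameterSpec`.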