SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

Applications in general should avoid, and security-related applications must avoid, use of insecure or weak cryptographic primitives. The computational capacity of modern computers permits circumvent such cryptography via brute-force attacks. For example, the DES encryption algorithm is considered highly insecure; messages encrypted using DES have been decrypted by brute force within a single day by machines such as the Electronic Frontier Foundation's (EFF) Deep Crack.

Noncompliant Code Example

This noncompliant code example encrypts a String input by using a weak cryptographic algorithm (DES). 

SecretKey key = KeyGenerator.getInstance("DES").generateKey();
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, key); 

// Encode bytes as UTF8; strToBeEncrypted contains the input string
// that is to be encrypted 
byte[] encoded = strToBeEncrypted.getBytes("UTF8");
    
// Perform encryption
byte[] encrypted = cipher.doFinal(encoded);

Compliant Solution

This compliant solution uses the more secure AES algorithm to perform the encryption. Decryption follows similar logic and has been omitted from this discussion. 

Cipher cipher = Cipher.getInstance("AES");             
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); // 192 and 256 bits may be unavailable

SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();

SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);

// Encode bytes as UTF8; strToBeEncrypted contains the input string
// that is to be encrypted 
byte[] encoded = strToBeEncrypted.getBytes("UTF8");
    
// Perform encryption
byte[] encrypted = cipher.doFinal(encoded);

Risk Assessment

Use of mathematically and computationally insecure cryptographic algorithms can result in the disclosure of sensitive information.

Guideline

Severity

Likelihood

Remediation Cost

Priority

Level

MSC01-J

medium

probable

medium

P8

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

[[API 2006]]
[[MITRE 2009]] CWE ID 327 "Use of a Broken or Risky Cryptographic Algorithm"

49. Miscellaneous (MSC)      49. Miscellaneous (MSC)      

  • No labels