Applications in general should avoid, and security-related applications must avoid, use of insecure or weak cryptographic primitives. The computational capacity of modern computers permits circumvent such cryptography via brute-force attacks. For example, the DES encryption algorithm is considered highly insecure; messages encrypted using DES have been decrypted by brute force within a single day by machines such as the Electronic Frontier Foundation's (EFF) Deep Crack.
Noncompliant Code Example
This noncompliant code example encrypts a String
input by using a weak cryptographic algorithm (DES).
SecretKey key = KeyGenerator.getInstance("DES").generateKey(); Cipher cipher = Cipher.getInstance("DES"); cipher.init(Cipher.ENCRYPT_MODE, key); // Encode bytes as UTF8; strToBeEncrypted contains the input string // that is to be encrypted byte[] encoded = strToBeEncrypted.getBytes("UTF8"); // Perform encryption byte[] encrypted = cipher.doFinal(encoded);
Compliant Solution
This compliant solution uses the more secure AES algorithm to perform the encryption. Decryption follows similar logic and has been omitted from this discussion.
Cipher cipher = Cipher.getInstance("AES"); KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); // 192 and 256 bits may be unavailable SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); // Encode bytes as UTF8; strToBeEncrypted contains the input string // that is to be encrypted byte[] encoded = strToBeEncrypted.getBytes("UTF8"); // Perform encryption byte[] encrypted = cipher.doFinal(encoded);
Risk Assessment
Use of mathematically and computationally insecure cryptographic algorithms can result in the disclosure of sensitive information.
Guideline |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
MSC01-J |
medium |
probable |
medium |
P8 |
L2 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
[[API 2006]]
[[MITRE 2009]] CWE ID 327 "Use of a Broken or Risky Cryptographic Algorithm"