Use of a broken or risky cryptographic algorithm
Description
Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity it could be possible for an adversary to attempt to tamper with the ciphertext which could lead to compromising the encryption key. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Instead of using an algorithm that requires configuring a `CipherMode`, an algorithm that has built-in message integrity should be used.
Examples
Insecure Code
c#
CipherMode.$CIPHERSecure Code
c#
ChaCha20Poly1305 encryptor = new ChaCha20Poly1305(key);Remediation
Use an algorithm with built-in message integrity such as `ChaCha20Poly1305` or `AES-256-GCM`.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0443 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-327 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | cryptography, encryption |
| OWASP | A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures |