Use of a broken or risky cryptographic algorithm
Description
Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity it could be possible for an adversary to attempt to tamper with the ciphertext which could lead to compromising the encryption key. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Instead of using an algorithm that requires configuring a cipher mode, an algorithm that has built-in message integrity should be used. Consider using `ChaCha20Poly1305` or `AES-256-GCM` instead.
Examples
Insecure Code
java
javax.crypto.Cipher.getInstance("AES/ECB/NoPadding");Secure Code
java
Cipher chaChaCipher = Cipher.getInstance("ChaCha20-Poly1305/None/NoPadding");Remediation
Replace the usage of ECB mode with a secure mode like ChaCha20Poly1305 or AES-256-GCM. Ensure to properly initialize the cipher with a secure key and parameters.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0688 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-327 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | cryptography, ecb mode |
| OWASP | A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures |