Use of a broken or risky cryptographic algorithm
Description
Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity, it could be possible for an adversary to attempt to tamper with the ciphertext, which could lead to compromising the encryption key. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Instead of using an algorithm that requires configuring a cipher mode, an algorithm that has built-in message integrity should be used. Consider using `ChaCha20Poly1305` or `AES-256-GCM` instead.
Examples
Insecure Code
java
javax.crypto.Cipher.getInstance("AES");Secure Code
java
Cipher chaChaCipher = Cipher.getInstance("ChaCha20-Poly1305/None/NoPadding");Remediation
Replace the used cryptographic algorithm with a secure one, such as `ChaCha20Poly1305` or `AES-256-GCM`, and ensure proper initialization and usage.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0689 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-327 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | cryptography, algorithm |
| OWASP | A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures |