Avoid DES

This product is not supported for your selected Datadog site. ().
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Metadata

ID: swift-security/avoid-des

Language: Unknown

Severity: Info

Category: Best Practices

Description

This rule discourages the use of the DES (Data Encryption Standard) algorithm for cryptographic operations. DES is considered insecure due to its short key length and vulnerability to brute-force attacks, making it unsuitable for protecting sensitive data.

To comply with this rule, developers should avoid specifying “des” as the cryptographic algorithm in their code. Instead, use more secure alternatives such as AES (Advanced Encryption Standard), which provides stronger encryption and is widely supported.

Non-Compliant Code Examples

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "3des"

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "des"

let cryptor = try Cryptor(operation: .encrypt, algorithm: .des, options: .none, key: key, iv: [])

Compliant Code Examples

let cryptor = try Cryptor(operation: .encrypt, algorithm: .aes, options: .none, key: key, iv: [])

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "aes"
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains