Use strong cipher algorithms instead of deprecated ones

Metadata

ID: kotlin-security/avoid-weak-ciphers

Language: Kotlin

Severity: Error

Category: Security

CWE: 327

Description

This rule enforces the use of strong cipher algorithms and discourages the use of deprecated or weak ones in your Kotlin code. Cipher algorithms are crucial for ensuring data security in applications. However, not all ciphers provide the same level of security. Some older ciphers, such as DES, have known vulnerabilities and have been deprecated.

Using weak or deprecated cipher algorithms can expose your application’s data. By exploiting the vulnerabilities of these weak ciphers, attackers can decrypt sensitive information, leading to data breaches.

To adhere to this rule, always use strong, up-to-date cipher algorithms in your Kotlin code. For example, instead of using Cipher.getInstance("DES"), which uses the deprecated DES algorithm, use Cipher.getInstance("AES/GCM/NoPadding"), which uses the strong AES algorithm with GCM mode and no padding. Regularly update your knowledge on the latest recommended cipher algorithms and avoid those known to be weak or compromised.

Non-Compliant Code Examples

import javax.crypto.Cipher

fun main(args: Array<String>) {
    val insecureDES = Cipher.getInstance("DES")
}

Compliant Code Examples

import javax.crypto.Cipher

fun main(args: Array<String>) {
    val secureAES = Cipher.getInstance("AES/GCM/NoPadding")
}
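
Obtaining the cipher with Cipher.getInstance("AES/GCM/NoPadding") is only the first step; the following added example (not part of the rule's own documentation) shows the compliant transformation used end to end, with a fresh IV per message and tag verification on decrypt. The function names, the IV-prefixed message layout, and the sample values are assumptions made for illustration.

```kotlin
import java.security.SecureRandom
import javax.crypto.AEADBadTagException
import javax.crypto.Cipher
import javax.crypto.KeyGenerator
import javax.crypto.SecretKey
import javax.crypto.spec.GCMParameterSpec

private const val IV_BYTES = 12    // 96-bit IV, the size GCM is designed around
private const val TAG_BITS = 128   // full-length authentication tag

// Encrypts with AES-GCM and returns IV || ciphertext || tag (hypothetical layout).
fun encrypt(key: SecretKey, plaintext: ByteArray, aad: ByteArray): ByteArray {
    // A fresh random IV per message: reusing an IV under the same key breaks GCM.
    val iv = ByteArray(IV_BYTES).also { SecureRandom().nextBytes(it) }
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.ENCRYPT_MODE, key, GCMParameterSpec(TAG_BITS, iv))
    cipher.updateAAD(aad)          // authenticated but not encrypted context
    return iv + cipher.doFinal(plaintext)
}

// Reads the IV prefix and decrypts; throws AEADBadTagException if anything was altered.
fun decrypt(key: SecretKey, message: ByteArray, aad: ByteArray): ByteArray {
    require(message.size >= IV_BYTES + TAG_BITS / 8) { "message too short" }
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.DECRYPT_MODE, key, GCMParameterSpec(TAG_BITS, message, 0, IV_BYTES))
    cipher.updateAAD(aad)
    return cipher.doFinal(message, IV_BYTES, message.size - IV_BYTES)
}

fun main() {
    val key = KeyGenerator.getInstance("AES").apply { init(256) }.generateKey()
    val aad = "record-id=42".toByteArray()            // constructed sample context
    val sealed = encrypt(key, "constructed sample secret".toByteArray(), aad)

    println(String(decrypt(key, sealed, aad)))        // round trip

    // Flip one ciphertext bit: GCM rejects the message instead of returning garbage.
    val tampered = sealed.copyOf().also { it[IV_BYTES] = (it[IV_BYTES].toInt() xor 1).toByte() }
    try {
        decrypt(key, tampered, aad)
        println("tampering NOT detected")
    } catch (e: AEADBadTagException) {
        println("tampering detected: authentication tag mismatch")
    }
}
```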