Avoid DES

This product is not supported for your selected Datadog site. ().
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

ID: swift-security/avoid-des

Language: Unknown

Severity: Info

Category: Best Practices

Description

This rule discourages the use of the DES (Data Encryption Standard) algorithm for cryptographic operations. DES is considered insecure due to its short key length and vulnerability to brute-force attacks, making it unsuitable for protecting sensitive data.

To comply with this rule, developers should avoid specifying “des” as the cryptographic algorithm in their code. Instead, use more secure alternatives such as AES (Advanced Encryption Standard), which provides stronger encryption and is widely supported.

Non-Compliant Code Examples

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "3des"

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "des"

let cryptor = try Cryptor(operation: .encrypt, algorithm: .des, options: .none, key: key, iv: [])

Compliant Code Examples

let cryptor = try Cryptor(operation: .encrypt, algorithm: .aes, options: .none, key: key, iv: [])

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "aes"
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

원활한 통합. Datadog Code Security를 경험해 보세요

Datadog Code Security