Avoid md5

이 제품은 선택한 Datadog 사이트에서 지원되지 않습니다. ().
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

ID: swift-security/avoid-md5

Language: Swift

Severity: Warning

Category: Security

Description

This rule flags the use of the MD5 hashing algorithm in Swift code. MD5 is considered cryptographically broken and unsuitable for further use due to its vulnerability to collision attacks, where two different inputs produce the same hash output. Using MD5 can compromise the security and integrity of data, especially in contexts like password hashing, digital signatures, or data verification.

To maintain strong security standards, developers should avoid MD5 and instead use more secure hashing algorithms such as SHA-256. These algorithms provide better resistance against collision and preimage attacks, ensuring the integrity and authenticity of hashed data. For example, replacing message.md5() with message.sha256() significantly improves security.

Non-Compliant Code Examples

let digest = message.md5();

Compliant Code Examples

let digest = message.sha256();
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

원활한 통합. Datadog Code Security를 경험해 보세요

Datadog Code Security