Audit required: Insecure cipher PTC-W1004
cwe, a02, a06, cwe-327, owasp-top-10
The cipher in use is not secure. It is recommended to replace it with a known secure cipher such as AES.
The following ciphers are considered weak for a variety of reasons:
- Single DES: DES was never cryptographically broken, but its key length is too short by today's standards and it could be brute-forced with some effort.
- BlowFish: Susceptible to attacks when using weak keys.
- ARC4: Weaknesses in its initial stream output.
- IDEA: Susceptible to attacks when using weak keys.
New applications should avoid their use and existing applications should strongly consider migrating away.
It is recommended to use AES. AES is both fast and cryptographically strong. It is a good default choice for encryption.
Bad practice
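import os
from Crypto.Cipher import ARC4, DES
key = os.urandom(8)  # placeholder key; single DES takes exactly 8 bytes
cipher1 = ARC4.new(key)               # ARC4: weak initial keystream output
cipher2 = DES.new(key, DES.MODE_OFB)  # single DES: key too short
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
iv = os.urandom(8)  # placeholder IV; Blowfish has an 8-byte block
cipher = Cipher(algorithms.Blowfish(key), modes.CBC(iv))  # Blowfish: weak keys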
Recommended
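pycryptodome library:
import os
from Crypto.Cipher import AES
key = os.urandom(32)  # placeholder 256-bit key
cipher1 = AES.new(key, AES.MODE_EAX)  # EAX is an authenticated mode
cipher2 = AES.new(key, AES.MODE_OFB)  # OFB gives confidentiality only, no integrity check
pyca/cryptography library:
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
key, iv = os.urandom(32), os.urandom(16)  # placeholder key; AES block size is 16 bytes
cipher = Cipher(algorithms.AES(key), modes.CBC(iv))  # CBC gives confidentiality only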
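To audit a code base for the constructions shown under "Bad practice", the check can be approximated with Python's standard `ast` module. This is an added example, not the analyzer's own implementation; the function name `find_weak_ciphers`, the name sets and the sample source are assumptions made for illustration.

```python
import ast

# Weak ciphers from the list above, by the names each library exposes (assumed mapping).
PYCRYPTODOME_WEAK = {"DES", "ARC4", "Blowfish"}   # used as <name>.new(...)
PYCA_WEAK = {"Blowfish", "ARC4", "IDEA"}          # used as algorithms.<name>(...)
PYCA_MODULE = "cryptography.hazmat.primitives.ciphers"

def find_weak_ciphers(source):
    """Return sorted (line, cipher) pairs for weak-cipher constructions in source."""
    tree = ast.parse(source)
    weak_mods = {}      # local name -> weak pycryptodome cipher module
    algo_names = set()  # local names bound to pyca's `algorithms` module
    # Pass 1: resolve imports, so aliases such as `import DES as D` are followed.
    for node in ast.walk(tree):
        if not isinstance(node, ast.ImportFrom):
            continue
        for alias in node.names:
            local = alias.asname or alias.name
            if node.module in ("Crypto.Cipher", "Cryptodome.Cipher") \
                    and alias.name in PYCRYPTODOME_WEAK:
                weak_mods[local] = alias.name
            elif node.module == PYCA_MODULE and alias.name == "algorithms":
                algo_names.add(local)
    # Pass 2: flag calls of the form <weak>.new(...) and algorithms.<weak>(...).
    findings = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        func = node.func
        if not isinstance(func.value, ast.Name):
            continue
        base = func.value.id
        if func.attr == "new" and base in weak_mods:
            findings.append((node.lineno, weak_mods[base]))
        elif base in algo_names and func.attr in PYCA_WEAK:
            findings.append((node.lineno, func.attr))
    return sorted(findings)

# Constructed sample: the "Bad practice" lines plus one AES call that must not be flagged.
SAMPLE = '''\
from Crypto.Cipher import ARC4, DES, AES
cipher1 = ARC4.new(key)
cipher2 = DES.new(key, DES.MODE_OFB)
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
cipher = Cipher(algorithms.Blowfish(key), modes.CBC(iv))
ok = AES.new(key, AES.MODE_EAX)
'''

if __name__ == "__main__":
    for line, name in find_weak_ciphers(SAMPLE):
        print(f"line {line}: weak cipher {name}")
```

The sketch only follows `from ... import` bindings within one file, so fully qualified calls and names re-exported through other modules need a separate pass.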
References:
- OWASP Top 10 2021 Category A02 - Cryptographic Failures
- OWASP Top 10 2021 Category A06 - Vulnerable and Outdated Components
- CWE 327 - Use of a Broken or Risky Cryptographic Algorithm