Weak Cipher Mode

What does this mean?

A weak cipher is an encryption/decryption technique that uses a key of insufficient length. An inadequate key length increases the likelihood that the encryption will be broken (i.e. cracked). In general, the greater the key size, the stronger the encryption. Weak ciphers are encryption/decryption methods that use key sizes of fewer than 128 bits (i.e. 16 bytes, at 8 bits per byte).

What can happen?

A weak cipher is an encryption mechanism that a malicious attacker may be able to break. This is sometimes due to the small size of the keys, which allows a fast computer to simply try every possible key until it finds the correct one. Cipher suites such as DES are examples of this. In today's context, a key is considered unsafe if it is less than 112 bits long.

Recommendation

  • Use a strong encryption/decryption algorithm with a longer key, such as AES.
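
To find existing uses of the algorithms this page lists as non-compliant, a small source check can flag weak cipher names passed as string literals. This is an added example, not code from the original page; the `classify` and `scan` helpers and the sample lines are constructed for illustration, and it only covers the string-based call patterns (`Cipher.getInstance`, `createCipheriv`, `openssl_encrypt`) that appear in the samples.

```javascript
// Added example: flags weak cipher names passed as string literals to the
// call patterns shown in this page's samples. Constant- or class-based
// selection (MCRYPT_DES, DESCryptoServiceProvider) is out of scope here.
const CALL = /(?:Cipher\.getInstance|createCipheriv|openssl_encrypt)\s*\(([^)]*)\)/;
const LITERAL = /["']([A-Za-z0-9_\/-]+)["']/;

// Map an algorithm/transformation string to the weak family it belongs to.
// Triple DES is tested before DES so "des-ede3" is not reported as plain DES.
function classify(name) {
  const n = name.toLowerCase();
  if (/^(des-?ede|des3|3des|tripledes)/.test(n)) return "Triple DES";
  if (/^des([\/-]|$)/.test(n)) return "DES";
  if (/^rc2([\/-]|$)/.test(n)) return "RC2";
  if (/^rc4([\/-]|$)/.test(n)) return "RC4";
  if (/^(bf|blowfish)([\/-]|$)/.test(n)) return "Blowfish";
  return null; // not on the weak list (e.g. AES)
}

function scan(source) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const call = CALL.exec(text);
    if (!call) return;
    // Assumption: the first string literal in the call is the cipher name.
    const lit = LITERAL.exec(call[1]);
    if (!lit) return;
    const family = classify(lit[1]);
    if (family) findings.push({ line: i + 1, algorithm: lit[1], family });
  });
  return findings;
}

// Constructed sample input, modelled on the snippets in this page.
const SAMPLE = [
  'Cipher c1 = Cipher.getInstance("DES");',
  'Cipher c7 = Cipher.getInstance("DESede");',
  'Cipher c31 = Cipher.getInstance("AES/GCM/NoPadding");',
  '$c8 = openssl_encrypt($plaintext, "bf-ecb", $key, OPENSSL_RAW_DATA, $iv);',
  '$c10 = openssl_encrypt($plaintext, "des-ofb", $key, OPENSSL_RAW_DATA, $iv);',
  'crypto.createCipheriv("DES-EDE", key, "");',
  'crypto.createCipheriv("AES-256-GCM", key, iv);',
].join("\n");

console.log(scan(SAMPLE));
```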

Sample Code

Vulnerable :

using System.Security.Cryptography;      // .NET built-in providers
using Org.BouncyCastle.Crypto.Engines;   // Bouncy Castle engines

var tripleDES1 = new TripleDESCryptoServiceProvider(); // Noncompliant: Triple DES is vulnerable to meet-in-the-middle attacks

var simpleDES = new DESCryptoServiceProvider(); // Noncompliant: DES works with 56-bit keys, which allow attacks via exhaustive search

var RC2 = new RC2CryptoServiceProvider(); // Noncompliant: RC2 is vulnerable to a related-key attack
AesFastEngine aesFast = new AesFastEngine(); // Noncompliant

Non Vulnerable :

var AES = new AesCryptoServiceProvider(); // Compliant
var aesEngine = new AesEngine(); // Compliant (Bouncy Castle)

Vulnerable :

import javax.crypto.Cipher;
import javax.crypto.NullCipher;
import java.security.NoSuchAlgorithmException;
import javax.crypto.NoSuchPaddingException;

public class test {

    public static void main(String[] args) {
      try
      {
        Cipher c1 = Cipher.getInstance("DES"); // Noncompliant: DES works with 56-bit keys, which allow attacks via exhaustive search
        Cipher c7 = Cipher.getInstance("DESede"); // Noncompliant: Triple DES is vulnerable to meet-in-the-middle attacks
        Cipher c13 = Cipher.getInstance("RC2"); // Noncompliant: RC2 is vulnerable to a related-key attack
        Cipher c19 = Cipher.getInstance("RC4"); // Noncompliant: vulnerable to several attacks (see https://en.wikipedia.org/wiki/RC4#Security)
        Cipher c25 = Cipher.getInstance("Blowfish"); // Noncompliant: Blowfish uses a 64-bit block size, which makes it vulnerable to birthday attacks

        NullCipher nc = new NullCipher(); // Noncompliant: the NullCipher class provides an "identity cipher", one that does not transform or encrypt the plaintext in any way
      }
      catch(NoSuchAlgorithmException|NoSuchPaddingException e)
      {
        // Algorithm or padding not available from the installed providers
      }
    }
}

Non Vulnerable :

import javax.crypto.Cipher;
import java.security.NoSuchAlgorithmException;
import javax.crypto.NoSuchPaddingException;

public class test {

    public static void main(String[] args) {
      try
      {
        Cipher c31 = Cipher.getInstance("AES/GCM/NoPadding"); // Compliant
      }
      catch(NoSuchAlgorithmException|NoSuchPaddingException e)
      {
        // Algorithm or padding not available from the installed providers
      }
    }
}

Vulnerable :

// mcrypt_encrypt is deprecated since PHP 7.1
$c1 = mcrypt_encrypt(MCRYPT_DES, $key, $plaintext, $mode);  // Noncompliant: DES works with 56-bit keys, which allow attacks via exhaustive search
$c2 = mcrypt_encrypt(MCRYPT_DES_COMPAT, $key, $plaintext, $mode); // Noncompliant: DES works with 56-bit keys, which allow attacks via exhaustive search
$c3 = mcrypt_encrypt(MCRYPT_TRIPLEDES, $key, $plaintext, $mode); // Noncompliant: Triple DES is vulnerable to meet-in-the-middle attacks
$c4 = mcrypt_encrypt(MCRYPT_3DES, $key, $plaintext, $mode);  // Noncompliant: Triple DES is vulnerable to meet-in-the-middle attacks
$c5 = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $plaintext, $mode);  // Noncompliant: Blowfish uses a 64-bit block size, which makes it vulnerable to birthday attacks
$c6 = mcrypt_encrypt(MCRYPT_RC2, $key, $plaintext, $mode);  // Noncompliant: RC2 is vulnerable to a related-key attack
$c7 = mcrypt_encrypt(MCRYPT_RC4, $key, $plaintext, $mode);  // Noncompliant: vulnerable to several attacks (see https://en.wikipedia.org/wiki/RC4#Security)

$c8 = openssl_encrypt($plaintext, "bf-ecb", $key, $options=OPENSSL_RAW_DATA, $iv); // Noncompliant: Blowfish uses a 64-bit block size, which makes it vulnerable to birthday attacks
$c9 = openssl_encrypt($plaintext, "des-ede3", $key, $options=OPENSSL_RAW_DATA, $iv);  // Noncompliant: Triple DES is vulnerable to meet-in-the-middle attacks
$c10 = openssl_encrypt($plaintext, "des-ofb", $key, $options=OPENSSL_RAW_DATA, $iv);  // Noncompliant: DES works with 56-bit keys, which allow attacks via exhaustive search
$c11 = openssl_encrypt($plaintext, "rc2-cbc", $key, $options=OPENSSL_RAW_DATA, $iv); // Noncompliant: RC2 is vulnerable to a related-key attack
$c12 = openssl_encrypt($plaintext, "rc4", $key, $options=OPENSSL_RAW_DATA, $iv);  // Noncompliant: vulnerable to several attacks (see https://en.wikipedia.org/wiki/RC4#Security)

Non Vulnerable :

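// GCM is an AEAD mode: openssl_encrypt needs the by-reference $tag argument to return the authentication tag
$c1 = openssl_encrypt($plaintext, "aes-256-gcm", $key, $options=OPENSSL_RAW_DATA, $iv, $tag); // Compliant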

Vulnerable :

crypto.createCipheriv("DES", key, iv); // Vulnerable: DES is not secure

Non Vulnerable :

crypto.createCipheriv("AES-256-GCM", key, iv);

Vulnerable :

crypto.createCipheriv("DES-EDE", key, ""); // Vulnerable: DES is not secure

Non Vulnerable :

crypto.createCipheriv("AES-256-GCM", key, iv);
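
The compliant call above only constructs the cipher. The following added example (not part of the original page) carries AES-256-GCM through a full encrypt/decrypt round trip with Node's `crypto` module, including the authentication tag that GCM depends on. The function names `encryptGcm`, `decryptGcm` and `demo`, and the sample message, are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Encrypt with AES-256-GCM. The iv and tag are not secret, but both must be
// stored or sent with the ciphertext because decryption needs them.
function encryptGcm(key, plaintext) {
  if (key.length !== 32) throw new Error("AES-256 needs a 32-byte key");
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every message
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt and authenticate. authTagLength pins the tag to the full 16 bytes
// so a truncated tag is refused instead of weakening the integrity check.
function decryptGcm(key, { iv, ciphertext, tag }) {
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv, {
    authTagLength: 16,
  });
  decipher.setAuthTag(tag);
  // final() throws if the tag does not match the ciphertext.
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
}

// Returns true when decryption of the given box is refused.
function rejected(key, box) {
  try { decryptGcm(key, box); return false; } catch (e) { return true; }
}

function demo() {
  const key = crypto.randomBytes(32); // constructed key for the demo only
  const msg = Buffer.from("constructed sample message");
  const box = encryptGcm(key, msg);

  const flipped = Buffer.from(box.ciphertext); // copy, then flip one bit
  flipped[0] ^= 0x01;

  return {
    roundTrip: decryptGcm(key, box).equals(msg),
    tamperRejected: rejected(key, { ...box, ciphertext: flipped }),
    shortTagRejected: rejected(key, { ...box, tag: box.tag.subarray(0, 4) }),
  };
}

console.log(demo());
```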

References