33 lines
1.2 KiB
Plaintext
33 lines
1.2 KiB
Plaintext
The Advanced Encryption Standard (AES) encryption algorithm can be used with various modes. Some combinations are not secured:
|
|
|
|
* Electronic Codebook (ECB) mode: Under a given key, any given plaintext block always gets encrypted to the same ciphertext block. Thus, it does not hide data patterns well. In some senses, it doesn't provide serious message confidentiality, and it is not recommended for use in cryptographic protocols at all.
|
|
* Cipher Block Chaining (CBC) with PKCS#5 padding (or PKCS#7) is susceptible to padding oracle attacks.
|
|
|
|
In both cases, Galois/Counter Mode (GCM) with no padding should be preferred.
|
|
|
|
|
|
This rule raises an issue when a ``++Cipher++`` instance is created with either ECB or CBC/PKCS5Padding mode.
|
|
|
|
== Noncompliant Code Example
|
|
|
|
----
|
|
Cipher c1 = Cipher.getInstance("AES/ECB/NoPadding"); // Noncompliant
|
|
Cipher c2 = Cipher.getInstance("AES/CBC/PKCS5Padding"); // Noncompliant
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
----
|
|
Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|