Alternate names: InsecureCipherMode
This checker looks for usages of standard cryptographic algorithms in configurations that are prone to vulnerabilities. There are currently three classes of problems that are covered by this checker:
Creating an instance of
javax.crypto.Cipher using either the default
settings or the notoriously insecure ECB mode. In particular, Java’s default
Cipher.getInstance(AES) returns a cipher object that operates in ECB mode.
Dynamically constructed transformation strings are also flagged, as they may
conceal an instance of ECB mode. The problem with ECB mode is that
encrypting the same block of plaintext always yields the same block of
ciphertext. Hence, repetitions in the plaintext translate into repetitions
in the ciphertext, which can be readily used to conduct cryptanalysis. The
use of IES-based cipher algorithms also raises an error, as all currently
available implementations use ECB mode under the hood.
Using the Diffie-Hellmann protocol on prime fields. Most library implementations of Diffie-Hellman on prime fields have serious issues that can be exploited by an attacker. Any operation that may involve this protocol will be flagged by the checker. Implementations of the protocol based on elliptic curves (ECDH) are secure and should be used instead.
Using DSA for digital signatures. Some widely used crypto libraries accept invalid DSA signatures in specific configurations. The checker will flag all cryptographic operations that may involve DSA.
Suppress false positives by adding the suppression annotation
@SuppressWarnings("InsecureCryptoUsage") to the enclosing element.