This rule ensures that data encryption in your application is robust and secure against potential cyber threats. The rule discourages the use of deprecated and weak cryptographic algorithms such as DES (Data Encryption Standard) or DESede, which are known to be vulnerable to various types of attacks.
Using weak or deprecated encryption algorithms can lead to serious security breaches, including unauthorized access to sensitive data. Strong cryptography is essential in today’s digital world where data breaches are becoming increasingly common and sophisticated.
How to remediate
Always use strong and up-to-date cryptographic algorithms in your Java code. For instance, instead of ‘DES’, use stronger algorithms like ‘AES’ (Advanced Encryption Standard) with a key size of at least 128 bits. So, instead of javax.crypto.Cipher.getInstance("DES/CBC/PKCS5Padding") or Cipher.getInstance("DES"), you should use something like Cipher.getInstance("AES/CBC/PKCS5Padding") or Cipher.getInstance("AES"). Regularly updating your knowledge about the latest cryptographic standards can also help in maintaining the security of your application.
