Details

    • Type: Vulnerability Detection
    • Status: Active
    • Resolution: Unresolved
    • Message:
      Use a key length of at least 'xxx' bits for 'xxx' cipher algorithm.
    • Default Severity:
      Blocker
    • Impact:
      High
    • Likelihood:
      High
    • Default Quality Profiles:
      Sonar way
    • Targeted languages:
      C, C++
    • Covered Languages:
      C#, Java, PHP, Python
    • Irrelevant for Languages:
      ABAP, Cobol, CSS, Flex, HTML, JavaScript, Objective-C, PHP, PL/I, PL/SQL, Python, RPG, Swift, T-SQL, TypeScript, VB.Net, VB6, XML
    • Remediation Function:
      Constant/Issue
    • Constant Cost:
      2min
    • Analysis Level:
      Abstract Interpretation
    • Analysis Scope:
      Main Sources
    • Common Rule:
      Yes
    • CWE:
      CWE-326
    • OWASP:
      A3, A9
    • FindSecBugs:
      BLOWFISH_KEY_SIZE, RSA_KEY_SIZE
    • Fortify:
      weak_encryption_insufficient_key_size

      Description

      Most cryptographic systems require a sufficiently large key to be robust against brute-force attacks.

      The following NIST recommendations are checked:

      | Use / Algorithm                | DSA                    | RSA      | ECDSA           | DH                     | MQV                    | ECDH            | ECMQV           | Block Cipher       |
      |--------------------------------|------------------------|----------|-----------------|------------------------|------------------------|-----------------|-----------------|--------------------|
      | Digital Signature Generation   | p ≥ 2048 AND q ≥ 224   | n ≥ 2048 | See table below | x                      | x                      | x               | x               | x                  |
      | Digital Signature Verification | p ≥ 2048 AND q ≥ 224   | n ≥ 2048 | See table below | x                      | x                      | x               | x               | x                  |
      | Key Agreement                  | x                      | x        | x               | p ≥ 2048 AND q ≥ 224   | p ≥ 2048 AND q ≥ 224   | See table below | See table below | x                  |
      | Encryption and Decryption      | x                      | x        | x               | x                      | x                      | x               | x               | AES-128, 192, 256  |

      This rule does not raise issues for ciphers that are considered weak regardless of key size, such as DES and Blowfish; those are out of its scope.

      Notation

      • DSA (Digital Signature Algorithm): p is the key length and q the modulus length
      • EC (Elliptic-curve): the curve's order n and cofactor h must fall within one of the parameter sets below

        | EC parameters                    | EB      | EC      | ED      | EE   |
        |----------------------------------|---------|---------|---------|------|
        | Length of n                      | 224-255 | 256-383 | 384-511 | 512+ |
        | Maximum bit length of cofactor h | 14      | 16      | 24      | 32   |

      • Examples of compliant and non-compliant curves:
        • secp192r1 is non-compliant because n < 224
        • secp224k1 is compliant because n ≥ 224
      • Other algorithms: n is the key length
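      The thresholds above, applied as a small checker. This is an added example and not SonarSource's own analyzer; it takes key parameters as bit lengths (p_bits, q_bits, n_bits, cofactor_bits, key_bits are assumed parameter names) and returns messages in the rule's "Use a key length of at least ..." style, with weak ciphers skipped as the rule specifies.

```python
# Added example, not SonarSource's checker: applies the thresholds from the
# description above to key parameters given as bit lengths.
WEAK_CIPHERS = {"DES", "BLOWFISH"}  # weak regardless of key size; not flagged here
AES_KEY_SIZES = {128, 192, 256}
# EC tiers from the Notation section: (min n bits, max n bits, max cofactor bits).
EC_TIERS = {"EB": (224, 255, 14), "EC": (256, 383, 16),
            "ED": (384, 511, 24), "EE": (512, None, 32)}

def ec_tier(n_bits):
    """Tier name for a curve whose order n has n_bits bits; None if n < 224."""
    for name, (low, high, _) in EC_TIERS.items():
        if n_bits >= low and (high is None or n_bits <= high):
            return name
    return None

def check_key(algorithm, **bits):
    """Return findings in the rule's message style; an empty list is compliant.

    Parameters: p_bits/q_bits (DSA, DH, MQV); n_bits (RSA); n_bits and optional
    cofactor_bits (ECDSA, ECDH, ECMQV); key_bits (AES).
    """
    alg = algorithm.upper()
    findings = []
    if alg in WEAK_CIPHERS:
        return findings  # out of the rule's scope by design
    if alg in ("DSA", "DH", "MQV"):
        if bits["p_bits"] < 2048 or bits["q_bits"] < 224:
            findings.append(f"Use p >= 2048 bits and q >= 224 bits for {alg} algorithm.")
    elif alg == "RSA":
        if bits["n_bits"] < 2048:
            findings.append("Use a key length of at least 2048 bits for RSA cipher algorithm.")
    elif alg in ("ECDSA", "ECDH", "ECMQV"):
        tier = ec_tier(bits["n_bits"])
        if tier is None:
            findings.append(f"Use a curve whose order n is at least 224 bits for {alg} algorithm.")
        elif bits.get("cofactor_bits", 1) > EC_TIERS[tier][2]:
            findings.append(f"Cofactor h exceeds the {EC_TIERS[tier][2]}-bit maximum of tier {tier}.")
    elif alg == "AES":
        if bits["key_bits"] not in AES_KEY_SIZES:
            findings.append("Use a key length of 128, 192 or 256 bits for AES cipher algorithm.")
    else:
        raise ValueError(f"no threshold defined for {algorithm}")
    return findings

# Curve examples from the description: secp192r1 (n is 192 bits) vs secp224k1 (n >= 224).
if __name__ == "__main__":
    print(check_key("ECDSA", n_bits=192))   # non-compliant
    print(check_key("ECDSA", n_bits=224))   # compliant -> []
```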

      Issue Links

      1. C# RSPEC-4429 Language-Specification Active Unassigned
      2. C-Family RSPEC-4430 Language-Specification Active Unassigned
      3. PHP RSPEC-4703 Language-Specification Active Unassigned
      4. Python: Cryptographic key generation should be based on strong parameters RSPEC-5438 Language-Specification Active Unassigned
      5. Java RSPEC-5589 Language-Specification Active Unassigned
      6. Kotlin RSPEC-5590 Language-Specification Active Unassigned

      People

      • Assignee: Unassigned
      • Reporter: Jean-Christophe Collet (jeanchristophe.collet, Inactive)