Usage of CBC (Cipher Block Chaining) Mode with Padding

Overview

  • Rule ID: java_lang_padding_oracle_encryption_vulnerability

  • Applicable Languages: Java

  • Weakness ID: CWE-327

Description

Using a block cipher mode such as CBC (Cipher Block Chaining) together with a padding scheme is susceptible to padding oracle attacks. The vulnerability arises because an attacker who can learn whether a submitted ciphertext decrypted with valid padding (for example from a distinct error message or a timing difference) can use that feedback to decrypt messages without knowing the key.

Remediation Guidelines

  • Avoid using CBC mode with padding for encryption, as this combination is vulnerable to padding oracle attacks.

    Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); // unsafe

  • Instead, use GCM (Galois/Counter Mode) for encryption. GCM is an authenticated mode: a modified ciphertext fails the tag check before any plaintext is released, so there is no padding check for an attacker to probe. GCM does not use block padding, so the transformation string must name NoPadding.

    Cipher c = Cipher.getInstance("AES/GCM/NoPadding"); // safe
