Inadequate Encryption Strength
ID |
scala.cryptography.scala_crypto_rule_hazelcastsymmetricencryption |
Severity |
low |
Resource |
Cryptography |
Language |
Scala |
Description
The network communications for Hazelcast is configured to use a symmetric cipher (probably DES or Blowfish). Those ciphers alone do not provide integrity or secure authentication. The use of asymmetric encryption is preferred.
Rationale
The network communications for Hazelcast is configured to use a symmetric cipher (probably DES or Blowfish). Those ciphers alone do not provide integrity or secure authentication. The use of asymmetric encryption is preferred.
Remediation
Follow secure coding practices and review the references below for detailed remediation guidance.
References
-
OWASP Top 10 2021 - A02 : Cryptographic Failures.