SV.WEAK.KEYS.AES

Insufficient key length in Cryptographic Algorithm

Klocwork reports a SV.WEAK.KEYS.AES defect when the AES cryptographic algorithm is used with a key that is of insufficient size.

Vulnerability and risk

Small key size can lead to algorithm breaks that can then lead to the leakage of sensitive data. Algorithms need to be robust against the powerful computing techniques that are used to perform brute force attacks.

Mitigation and prevention

Avoid implementing AES algorithms with keys that are less than 128 bits.

Vulnerable code example

1
2
3
4
5
6
7
8
import javax.crypto.KeyGenerator;
 
class KeyGenAESTest {
  public static void main(String[] args) {
    KeyGenerator generatorAES = KeyGenerator.getInstance("AES");
    generatorAES.init(64);  // SV.WEAK.KEYS.AES (!)
  }
}

Klocwork reports an SV.WEAK.AES defect on line 6, indicating, "Cryptographic Algorithm uses key less than 128 bits". An AES algorithm needs a key that is at least 128 bits.

Fixed code example

1
2
3
4
5
6
7
8
import javax.crypto.KeyGenerator;
 
class KeyGenAESTest {
  public static void main(String[] args) {
    KeyGenerator generatorAES = KeyGenerator.getInstance("AES");
    generatorAES.init(128);  // no SV.WEAK.KEYS.AES
  }
}

Klocwork no longer reports a defect because the AES algorithm uses a key that is 128 bits.

Related checkers

• SV.WEAK.KEYS.DH
• SV.WEAK.KEYS.DSA
• SV.WEAK.KEYS.EC
• SV.WEAK.KEYS.RSA

External guidance

• CWE-326: Inadequate Encryption Strength
• OWASP A3:2017 Sensitive Data Exposure
• OWASP A2:2021 Cryptographic Failures
• V-222555 (APSC-DV-001860): The application must use mechanisms meeting the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

Security training

Application security training materials provided by Secure Code Warrior.

• Weak Crypto Algorithm Training Video - Test your skills with a training example