Details

CWE-326: Inadequate Encryption Strength

Description

Insufficiently strong encryption schemes may not adequately secure secret data from attackers. This can result from poor cipher selection, insufficient key size, or weak key selection.

Remediation

Use a cryptographic algorithm that has been subject to public scrutiny. Follow security best practices when selecting key sizes and when generating key material.

References

CWE