C Sharp Insecure Cipher Algorithm
Description
Detects the usage of cryptographically insecure cipher algorithms in C# code. Using weak or deprecated encryption algorithms can make encrypted data vulnerable to attacks and compromise data confidentiality.
Detection Strategy
• Scans C# code for member access expressions that reference known insecure cipher algorithms
• Triggers when code references deprecated ciphers like DES, RC2, or other weak encryption algorithms
• Reports a vulnerability when the code attempts to use any cryptographically insecure cipher for encryption operations
Vulnerable code example
using System;
using System.Security.Cryptography;
class InsecureCrypto
{
public static void Main()
{
// Vulnerable: Using weak/deprecated cryptographic algorithms...✅ Secure code example
using System;
using System.Security.Cryptography;
class SecureCrypto
{
public static void Main()
{
// Using strong cryptographic algorithms...Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.