"Security anti-pattern for weak encryption (CWE-326, CWE-327). Use when generating or reviewing code that encrypts data, handles encryption keys, or uses cryptographic modes. Detects DES, ECB mode, static IVs, and custom crypto implementations."
Weak Encryption Anti-Pattern
Severity: High
Summary
Weak encryption refers to the use of cryptographic algorithms, modes, or implementations that provide insufficient protection for sensitive data. This anti-pattern often stems from using outdated algorithms (e.g., DES, RC4), insecure modes of operation (e.g., ECB), or improper key/initialization vector (IV)/nonce management (e.g., static IVs). AI models, trained on vast codebases, can inadvertently suggest these weak practices found in older tutorials or examples. The consequence is that encrypted data can be easily decrypted by an attacker, leading to data breaches, compliance failures, and loss of trust.
The Anti-Pattern
The anti-pattern involves using cryptographic techniques that are no longer considered secure for protecting sensitive data.
1. Outdated or Broken Algorithms
Using algorithms like DES, 3DES, or RC4 is a critical flaw. These algorithms have known vulnerabilities and are easily broken with modern computing power.
BAD Code Example
# VULNERABLE: Using the outdated DES algorithm.
from Crypto.Cipher import DES
from Crypto import Random
key = Random.get_random_bytes(8) # DES uses an 8-byte (64-bit) key, but only 56 bits are effective.
def encrypt_data_des(plaintext):
cipher = DES.new(key, DES.MODE_ECB) # ECB mode is also insecure.
# Pad the plaintext to be a multiple of 8 bytes (DES block size).
padded_plaintext = plaintext + (8 - len(plaintext) % 8) * chr(8 - len(plaintext) % 8)
ciphertext = cipher.encrypt(padded_plaintext.encode('utf-8'))
return ciphertext
# DES can be brute-forced in a matter of hours or days with dedicated hardware.
2. Insecure Modes of Operation (e.g., ECB)
Even if using a strong algorithm like AES, using it in Electronic Codebook (ECB) mode is highly insecure. ECB encrypts identical blocks of plaintext into identical blocks of ciphertext, revealing patterns in the data.
BAD Code Example
# VULNERABLE: Using AES in ECB mode.
from Crypto.Cipher import AES
from Crypto import Random
key = Random.get_random_bytes(16) # AES-128 key.
def encrypt_data_ecb(plaintext):
cipher = AES.new(key, AES.MODE_ECB)
# Pad the plaintext to be a multiple of 16 bytes (AES block size).
padded_plaintext = plaintext + (16 - len(plaintext) % 16) * chr(16 - len(plaintext) % 16)
ciphertext = cipher.encrypt(padded_plaintext.encode('utf-8'))
return ciphertext
# If you encrypt an image with many identical color blocks using AES-ECB,
# the encrypted image will still show the original image's outline and patterns.
# This leaks significant information about the plaintext.
GOOD Code Example
# SECURE: Use a modern, authenticated encryption mode like AES-256-GCM.
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.hkdf import HKDFExpand
from cryptography.hazmat.backends import default_backend
import os
# Generate a strong, random key. AES-256 uses a 32-byte key.
key = AESGCM.generate_key(bit_length=256)
def encrypt_data_gcm(plaintext):
aesgcm = AESGCM(key)
# GCM requires a unique, unpredictable nonce (Initialization Vector).
# It must never be reused with the same key. A 12-byte nonce is standard.
nonce = os.urandom(12)
# AES-GCM performs both encryption and provides an authentication tag (integrity check).
ciphertext = aesgcm.encrypt(nonce, plaintext.encode('utf-8'), None)
# Store and transmit the nonce along with the ciphertext.
return nonce + ciphertext
def decrypt_data_gcm(encrypted_data_with_nonce):
aesgcm = AESGCM(key)
nonce = encrypted_data_with_nonce[:12]
ciphertext = encrypted_data_with_nonce[12:]
try:
# The decrypt method will also verify the authentication tag.
# If the data is tampered with, it will raise an `InvalidTag` exception.
plaintext = aesgcm.decrypt(nonce, ciphertext, None).decode('utf-8')
return plaintext
except InvalidTag:
raise ValueError("Decryption failed: data may have been tampered with or corrupted.")
# AES-256-GCM provides strong confidentiality, integrity, and authenticity.
# Each encryption is unique due to the nonce, preventing pattern leakage.
Detection
- Code review for algorithm choice: Search your codebase for calls to cryptographic functions using
DES,3DES,RC4,MD5(for encryption), orSHA-1(for encryption/signatures). - Check modes of operation: Look for
ECBmode being used with block ciphers like AES. - Inspect IV/Nonce generation: Verify how initialization vectors (IVs) or nonces are generated. Are they random and unique for each encryption? Avoid static, predictable, or reused IVs.
- Custom crypto implementations: Be extremely wary of any "homegrown" encryption algorithms. These are almost always insecure.
Prevention
- [ ] Use strong, modern algorithms: For symmetric encryption, always use AES-256. For authenticated encryption, prefer AES-256-GCM or ChaCha20-Poly1305.
- [ ] Avoid insecure modes of operation: Never use ECB mode. If using CBC mode, always pair it with a strong MAC (Message Authentication Code) in an Encrypt-then-MAC scheme. Better yet, use AEAD modes like GCM.
- [ ] Generate random, unique IVs/Nonces: For every encryption operation, a unique and unpredictable IV (for CBC) or nonce (for GCM) must be generated using a cryptographically secure random number generator. Never reuse a nonce with the same key in GCM.
- [ ] Use established cryptographic libraries: Do not attempt to "roll your own" encryption. Use well-vetted, standard libraries (e.g.,
cryptographyin Python,javax.cryptoin Java). - [ ] Ensure key strength: Use sufficiently long keys (e.g., 256 bits for AES).
Related Security Patterns & Anti-Patterns
- Hardcoded Secrets Anti-Pattern: Encryption keys are critical secrets that must be managed securely.
- Insufficient Randomness Anti-Pattern: The randomness used for IVs/nonces must be cryptographically secure.
- Padding Oracle Anti-Pattern: A specific attack against block ciphers used in CBC mode without proper authentication.
References
You Might Also Like
Related Skills
create-pr
Creates GitHub pull requests with properly formatted titles that pass the check-pr-title CI validation. Use when creating PRs, submitting changes for review, or when the user says /pr or asks to create a pull request.
n8n-io
electron-chromium-upgrade
Guide for performing Chromium version upgrades in the Electron project. Use when working on the roller/chromium/main branch to fix patch conflicts during `e sync --3`. Covers the patch application workflow, conflict resolution, analyzing upstream Chromium changes, and proper commit formatting for patch fixes.
electron
pr-creator
Use this skill when asked to create a pull request (PR). It ensures all PRs follow the repository's established templates and standards.
google-gemini
clawdhub
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
moltbottmux
Remote-control tmux sessions for interactive CLIs by sending keystrokes and scraping pane output.
moltbot
create-pull-request
Create a GitHub pull request following project conventions. Use when the user asks to create a PR, submit changes for review, or open a pull request. Handles commit analysis, branch management, and PR creation using the gh CLI tool.
cline