Need

Prevent unauthorized access and tampering of encrypted data.

Context

• Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications
• Usage of crypto library for encryption

Description

Non compliant code

        def encrypt(data, key) do
  :crypto.block_encrypt(:des_ecb, key, data)
end
        
        

This Elixir function uses the DES algorithm to encrypt data. DES is considered insecure due to its small key size, making it susceptible to brute-force attacks.

Steps

• Replace the DES encryption function with the AES encryption function.
• Ensure that the key size is at least 128 bits, which is the minimum key size for AES.

Compliant code

        def encrypt(data, key) do
  :crypto.block_encrypt(:aes_ecb, key, data)
end
        
        

This Elixir function uses the AES algorithm to encrypt data. AES is a secure encryption algorithm that is resistant to brute-force attacks due to its large key size.

References

• 052. Insecure encryption algorithm