From b153ac94aeb06d6c2e3a09e1a9cbb4ac48bb32cc Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 11:05:04 +0100 Subject: [PATCH 01/12] Add MASTG-TEST-0231 for weak encryption modes in Android --- .../android/MASVS-CRYPTO/MASTG-TEST-0231.md | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md new file mode 100644 index 0000000000..66cad0ac9a --- /dev/null +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md 
@@ -0,0 +1,41 @@ +--- +title: Weak Encryption Modes +platform: android +id: MASTG-TEST-0222 +type: [static, dynamic] +weakness: MASWE-0020 +--- + +## Overview + +To test for the [use of weak encryption modes](../../../Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode) in Android apps, we need to focus on methods from cryptographic frameworks and libraries that are used to configure and apply encryption modes. + +In Android development, the `Cipher` class from the Java Cryptography Architecture (JCA) is the primary API that allows you to specify the encryption mode for cryptographic operations. [`Cipher.getInstance`](https://developer.android.com/reference/javax/crypto/Cipher#getInstance(java.lang.String)) defines the transformation string, which includes the encryption algorithm, mode of operation, and padding scheme. The general format is `"Algorithm/Mode/Padding"`. For example: + +```java +Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); +``` + +In this test we're going to focus on symmetric encryption modes such as [ECB (Electronic Codebook)](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_(ECB)) operate deterministically, dividing plaintext into blocks and encrypting them separately, which reveals patterns in the ciphertext. This makes it vulnerable to attacks like [known-plaintext attacks](https://en.wikipedia.org/wiki/Known-plaintext_attack) and [chosen-plaintext attacks](https://en.wikipedia.org/wiki/Chosen-plaintext_attack). + +**Out of Scope**: Asymmetric encryption modes like RSA are out of scope for this test because they don't use block modes like ECB. + +In the transformation strings like `"RSA/ECB/OAEPPadding"` or "RSA/ECB/PKCS1Padding", the inclusion of "ECB" in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. 
The "ECB" designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. + +## Steps + +1. Run @MASTG-TECH-0014 with a tool such as @MASTG-TOOL-0110 on the app binary, or use @MASTG-TECH-0033 (dynamic analysis) with a tool like @MASTG-TOOL-0001, and look for cryptographic functions specifying the encryption mode to insecure modes. + +## Observation + +The output should contain a list of locations where insecure or deprecated encryption modes are used in cryptographic operations. + +## Evaluation + +The test case fails if any insecure encryption modes are identified in the app. + +Replace insecure encryption modes with secure block cipher modes such as [AES-GCM or AES-CCM](https://csrc.nist.gov/pubs/sp/800/38/d/final) which are authenticated encryption modes that provide confidentiality, integrity, and authenticity. + +We recomend to avoid CBC, which while being more secure than ECB, improper implementation, especially incorrect padding, can lead to vulnerabilities such as padding oracle attacks. + +For comprehensive guidance on implementing secure encryption modes in Android, refer to the official Android Developers documentation on [Cryptography](https://developer.android.com/privacy-and-security/cryptography). From 21d521edb8785865e4a42fe9c6a10062351b54ed Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 11:06:14 +0100 Subject: [PATCH 02/12] fix typo --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 66cad0ac9a..3cb38dda86 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md 
+++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -36,6 +36,6 @@ The test case fails if any insecure encryption modes are identified in the app. Replace insecure encryption modes with secure block cipher modes such as [AES-GCM or AES-CCM](https://csrc.nist.gov/pubs/sp/800/38/d/final) which are authenticated encryption modes that provide confidentiality, integrity, and authenticity. -We recomend to avoid CBC, which while being more secure than ECB, improper implementation, especially incorrect padding, can lead to vulnerabilities such as padding oracle attacks. +We recommend to avoid CBC, which while being more secure than ECB, improper implementation, especially incorrect padding, can lead to vulnerabilities such as padding oracle attacks. For comprehensive guidance on implementing secure encryption modes in Android, refer to the official Android Developers documentation on [Cryptography](https://developer.android.com/privacy-and-security/cryptography). From c7e18383340ce551a7334af4eafa6c790726fc96 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 11:08:06 +0100 Subject: [PATCH 03/12] fix ID --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 3cb38dda86..5c56359c43 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -1,7 +1,7 @@ --- title: Weak Encryption Modes platform: android -id: MASTG-TEST-0222 +id: MASTG-TEST-0231 type: [static, dynamic] weakness: MASWE-0020 --- From 6c72fc67187c5b1de2c6f00999415bd1e87f3e4f Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 12:38:28 +0100 Subject: [PATCH 04/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 5c56359c43..6baacce797 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -12,8 +12,8 @@ To test for the [use of weak encryption modes](../../../Document/0x04g-Testing-C In Android development, the `Cipher` class from the Java Cryptography Architecture (JCA) is the primary API that allows you to specify the encryption mode for cryptographic operations. [`Cipher.getInstance`](https://developer.android.com/reference/javax/crypto/Cipher#getInstance(java.lang.String)) defines the transformation string, which includes the encryption algorithm, mode of operation, and padding scheme. The general format is `"Algorithm/Mode/Padding"`. For example: -```java -Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); +```kotlin +Cipher.getInstance("AES/CBC/PKCS5Padding") ``` In this test we're going to focus on symmetric encryption modes such as [ECB (Electronic Codebook)](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_(ECB)) operate deterministically, dividing plaintext into blocks and encrypting them separately, which reveals patterns in the ciphertext. This makes it vulnerable to attacks like [known-plaintext attacks](https://en.wikipedia.org/wiki/Known-plaintext_attack) and [chosen-plaintext attacks](https://en.wikipedia.org/wiki/Chosen-plaintext_attack). From 6921ef55078652a1411d2268bfa928c5fdd0335b Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 16:09:47 +0100 Subject: [PATCH 05/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 6baacce797..4be954d3a0 100644 
--- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -20,7 +20,7 @@ In this test we're going to focus on symmetric encryption modes such as [ECB (El **Out of Scope**: Asymmetric encryption modes like RSA are out of scope for this test because they don't use block modes like ECB. -In the transformation strings like `"RSA/ECB/OAEPPadding"` or "RSA/ECB/PKCS1Padding", the inclusion of "ECB" in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. The "ECB" designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. +In the transformation strings like "RSA/ECB/OAEPPadding" or "RSA/ECB/PKCS1Padding", the inclusion of "ECB" in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. The "ECB" designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. ## Steps From b6323cbda5be2e07434d76cdd82a901f21288730 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 16:11:26 +0100 Subject: [PATCH 06/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 4be954d3a0..7a2960a996 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md 
+++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -20,7 +20,7 @@ In this test we're going to focus on symmetric encryption modes such as [ECB (El **Out of Scope**: Asymmetric encryption modes like RSA are out of scope for this test because they don't use block modes like ECB. -In the transformation strings like "RSA/ECB/OAEPPadding" or "RSA/ECB/PKCS1Padding", the inclusion of "ECB" in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. The "ECB" designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. +In the transformation strings like `"RSA/ECB/OAEPPadding"` or `"RSA/ECB/PKCS1Padding"`, the inclusion of "ECB" in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. The `ECB` designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. ## Steps From 8f1ef1fb971498041fc956bd21a2c190ae1766f0 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 16:45:35 +0100 Subject: [PATCH 07/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 7a2960a996..409ae3770f 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md 
@@ -34,6 +34,9 @@ The output should contain a list of locations where insecure or deprecated encry The test case fails if any insecure encryption modes are identified in the app. + +## Mitigation + Replace insecure encryption modes with secure block cipher modes such as [AES-GCM or AES-CCM](https://csrc.nist.gov/pubs/sp/800/38/d/final) which are authenticated encryption modes that provide confidentiality, integrity, and authenticity. We recommend to avoid CBC, which while being more secure than ECB, improper implementation, especially incorrect padding, can lead to vulnerabilities such as padding oracle attacks. From 726d521fe15a7f6c60df8a2c6c5830e999d9c9dc Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 16:46:23 +0100 Subject: [PATCH 08/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 1 - 1 file changed, 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 409ae3770f..cffb041a14 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -34,7 +34,6 @@ The output should contain a list of locations where insecure or deprecated encry The test case fails if any insecure encryption modes are identified in the app. - ## Mitigation Replace insecure encryption modes with secure block cipher modes such as [AES-GCM or AES-CCM](https://csrc.nist.gov/pubs/sp/800/38/d/final) which are authenticated encryption modes that provide confidentiality, integrity, and authenticity. From 2eae3db41f1c477e48746abd5dcbf33e531d4be3 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 17:17:51 +0100 Subject: [PATCH 09/12] Apply suggestions from code review --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) 
diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index cffb041a14..1b5803f9f3 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md 
@@ -13,14 +13,24 @@ To test for the [use of weak encryption modes](../../../Document/0x04g-Testing-C In Android development, the `Cipher` class from the Java Cryptography Architecture (JCA) is the primary API that allows you to specify the encryption mode for cryptographic operations. [`Cipher.getInstance`](https://developer.android.com/reference/javax/crypto/Cipher#getInstance(java.lang.String)) defines the transformation string, which includes the encryption algorithm, mode of operation, and padding scheme. The general format is `"Algorithm/Mode/Padding"`. For example: ```kotlin -Cipher.getInstance("AES/CBC/PKCS5Padding") +Cipher.getInstance("AES/ECB/PKCS5Padding") ``` In this test we're going to focus on symmetric encryption modes such as [ECB (Electronic Codebook)](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_(ECB)) operate deterministically, dividing plaintext into blocks and encrypting them separately, which reveals patterns in the ciphertext. This makes it vulnerable to attacks like [known-plaintext attacks](https://en.wikipedia.org/wiki/Known-plaintext_attack) and [chosen-plaintext attacks](https://en.wikipedia.org/wiki/Chosen-plaintext_attack). +For example, the following transformations are all [considered vulnerable](https://support.google.com/faqs/answer/10046138?hl=en): + +- "AES" (uses AES/ECB mode by default) +- "AES/ECB/NoPadding" +- "AES/ECB/PKCS5Padding" +- "AES/ECB/ISO10126Padding" + +You can learn more about ECB and other modes in [NIST SP 800-38A - Recommendation for Block Cipher Modes of Operation: Methods and Techniques](https://csrc.nist.gov/pubs/sp/800/38/a/final). 
Also check the [Decision to Revise NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation: Methods and Techniques](https://csrc.nist.gov/news/2023/decision-to-revise-nist-sp-800-38a) and [NIST IR 8459 +Report on the Block Cipher Modes of Operation in the NIST SP 800-38 Series](https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8459.pdf) for the latest information. + **Out of Scope**: Asymmetric encryption modes like RSA are out of scope for this test because they don't use block modes like ECB. -In the transformation strings like `"RSA/ECB/OAEPPadding"` or `"RSA/ECB/PKCS1Padding"`, the inclusion of "ECB" in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. The `ECB` designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. +In the transformation strings like `"RSA/ECB/OAEPPadding"` or `"RSA/ECB/PKCS1Padding"`, the inclusion of `ECB` in this context is misleading. Unlike symmetric ciphers, **RSA doesn't operate in block modes like ECB**. The `ECB` designation is a [placeholder in some cryptographic APIs](https://github.com/openjdk/jdk/blob/680ac2cebecf93e5924a441a5de6918cd7adf118/src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java#L126) and doesn't imply that RSA uses ECB mode. Understanding these nuances helps prevent false positives. ## Steps From 1d36a88cc25b6b6364945a87804883dbeb0db0a2 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 17:19:59 +0100 Subject: [PATCH 10/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index 1b5803f9f3..c52edebbe5 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -25,8 +25,7 @@ For example, the following transformations are all [considered vulnerable](https - "AES/ECB/PKCS5Padding" - "AES/ECB/ISO10126Padding" -You can learn more about ECB and other modes in [NIST SP 800-38A - Recommendation for Block Cipher Modes of Operation: Methods and Techniques](https://csrc.nist.gov/pubs/sp/800/38/a/final). Also check the [Decision to Revise NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation: Methods and Techniques](https://csrc.nist.gov/news/2023/decision-to-revise-nist-sp-800-38a) and [NIST IR 8459 -Report on the Block Cipher Modes of Operation in the NIST SP 800-38 Series](https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8459.pdf) for the latest information. +You can learn more about ECB and other modes in [NIST SP 800-38A - Recommendation for Block Cipher Modes of Operation: Methods and Techniques](https://csrc.nist.gov/pubs/sp/800/38/a/final). Also check the [Decision to Revise NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation: Methods and Techniques](https://csrc.nist.gov/news/2023/decision-to-revise-nist-sp-800-38a) and [NIST IR 8459 Report on the Block Cipher Modes of Operation in the NIST SP 800-38 Series](https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8459.pdf) for the latest information. **Out of Scope**: Asymmetric encryption modes like RSA are out of scope for this test because they don't use block modes like ECB. From cd7e7c2fe5626ff0a5b19e0d47726d4f710a0419 Mon Sep 17 00:00:00 2001 
From: Carlos Holguera Date: Fri, 29 Nov 2024 17:21:01 +0100 Subject: [PATCH 11/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index c52edebbe5..df7a6bd072 100644 --- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -47,6 +47,6 @@ The test case fails if any insecure encryption modes are identified in the app. Replace insecure encryption modes with secure block cipher modes such as [AES-GCM or AES-CCM](https://csrc.nist.gov/pubs/sp/800/38/d/final) which are authenticated encryption modes that provide confidentiality, integrity, and authenticity. -We recommend to avoid CBC, which while being more secure than ECB, improper implementation, especially incorrect padding, can lead to vulnerabilities such as padding oracle attacks. +We recommend avoiding CBC, which while being more secure than ECB, improper implementation, especially incorrect padding, can lead to vulnerabilities such as padding oracle attacks. For comprehensive guidance on implementing secure encryption modes in Android, refer to the official Android Developers documentation on [Cryptography](https://developer.android.com/privacy-and-security/cryptography). From 5d7c62c192f8b554aa8528ebc84f7bab6fb454dc Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Fri, 29 Nov 2024 17:23:39 +0100 Subject: [PATCH 12/12] Update tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md --- tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md index df7a6bd072..4c2e352a6b 100644 
--- a/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md +++ b/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0231.md @@ -20,7 +20,7 @@ In this test we're going to focus on symmetric encryption modes such as [ECB (El For example, the following transformations are all [considered vulnerable](https://support.google.com/faqs/answer/10046138?hl=en): -- "AES" (uses AES/ECB mode by default) +- "AES" (uses AES/ECB mode by [default](https://docs.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher)) - "AES/ECB/NoPadding" - "AES/ECB/PKCS5Padding" - "AES/ECB/ISO10126Padding"
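Review bot: In PATCH 01/12, the sentence that introduces ECB in the Overview is ungrammatical and is never fixed later in the series: "we're going to focus on symmetric encryption modes such as [ECB (Electronic Codebook)](...) operate deterministically, ..." fuses two sentences. Suggest: "In this test we focus on symmetric encryption modes. [ECB (Electronic Codebook)](...) operates deterministically, dividing the plaintext into blocks and encrypting each block independently, so identical plaintext blocks yield identical ciphertext blocks and patterns in the plaintext show through in the ciphertext." The follow-on claim that this makes it "vulnerable to known-plaintext attacks and chosen-plaintext attacks" overstates the issue; the weakness is the lack of semantic security (structure leakage), not recovery of the AES key. Three smaller items in the same hunk: the "[AES-GCM or AES-CCM]" link goes to SP 800-38D, which specifies only GCM (CCM is SP 800-38C), so either link both or say "AES-GCM (SP 800-38D)"; "Asymmetric encryption modes like RSA" should read "asymmetric algorithms like RSA", since RSA is an algorithm, not a mode; and Observation promises "insecure or deprecated encryption modes" while nothing in the test defines which modes are deprecated, so either define them or drop the word.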
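Review bot: PATCH 06/12 strips the backticks from `"RSA/ECB/OAEPPadding"` and PATCH 07/12 puts them back (and adds them to "RSA/ECB/PKCS1Padding" and `ECB`); the two commits cancel each other and only the PATCH 07/12 form should survive, so squash them into one commit before merging.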
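Review bot: PATCH 07/12 inserts `## Mitigation` with an extra blank line before it and PATCH 08/12 deletes that blank line again; squash the pair into a single "Add Mitigation section" commit so the history carries one change instead of a fix-up of the previous commit.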
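Review bot: In PATCH 09/12, changing the format example to `Cipher.getInstance("AES/ECB/PKCS5Padding")` places an insecure transformation directly under "The general format is `"Algorithm/Mode/Padding"`. For example:" with nothing marking it as the bad case, so a reader skimming for the format may copy it; either keep a neutral transformation there and put the ECB line in the vulnerable list that follows, or annotate the snippet as the insecure example. Two style points in the same hunk: the new list quotes transformations with plain double quotes ("AES/ECB/NoPadding") while PATCH 07/12 just switched the RSA examples to backticks (`"RSA/ECB/OAEPPadding"`), so use backticks consistently; and the NIST IR 8459 link text is split across two lines, which breaks the Markdown link (PATCH 10/12 fixes it, but squash that into this commit rather than merging a broken intermediate state).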
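Review bot: In PATCH 11/12, the suggestion only changes "recommend to avoid" to "recommend avoiding"; the rest of the sentence is still a dangling construction ("CBC, which while being more secure than ECB, improper implementation ... can lead to"). Suggest: "We also recommend avoiding CBC. Although it is more secure than ECB, incorrect padding handling in CBC implementations can lead to padding oracle attacks." Also reconcile this with Evaluation: it says the test fails if "any insecure encryption modes are identified", yet the Overview lists only ECB-based transformations as vulnerable and this paragraph merely recommends avoiding CBC, so state explicitly whether a CBC transformation is a fail or a recommendation.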
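Review bot: In PATCH 12/12, the "[default]" link points at the Java SE 6 JCA reference (docs.oracle.com/javase/6/...), which documents the SunJCE provider's defaults rather than Android's providers; for an Android test, cite the Google FAQ already linked in the list intro or the Android `Cipher` reference linked earlier in the Overview, and say that the fallback to ECB when mode and padding are omitted is provider-defined, which is the reason a bare "AES" transformation should be flagged.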