• CodeQL query help documentation »
• CodeQL query help for C# »

Weak encryption: Insufficient key size

ID: cs/insufficient-key-size
Kind: problem
Security severity: 7.5
Severity: warning
Precision: high
Tags:
   - security
   - external/cwe/cwe-326
Query suites:
   - csharp-code-scanning.qls
   - csharp-security-extended.qls
   - csharp-security-and-quality.qls

Click to see the query in the CodeQL repository

This rule finds uses of encryption algorithms with too small a key size. Encryption algorithms are vulnerable to brute force attack when too small a key size is used.

Recommendation

The key should be at least 2048-bit long when using RSA encryption, and 128-bit long when using symmetric encryption.

References

• Wikipedia. Key size.

• Common Weakness Enumeration: CWE-326.

• © GitHub, Inc.
• Terms
• Privacy