Most of cryptographic systems require a sufficient key size to be robust against brute-force attacks.

NIST recommendations will be checked for these use-cases:

Digital Signature Generation and Verification:

• p ≥ 2048 AND q ≥ 224 for DSA (p is key length and q the modulus length)
• n ≥ 2048 for RSA (n is the key length)

Key Agreement:

• p ≥ 2048 AND q ≥ 224 for DH and MQV
• n ≥ 224 for ECDH and ECMQV (Examples: secp192r1 is a non-compliant curve (n < 224) but secp224k1 is compliant (n >= 224))

Symmetric keys:

• key length ≥ 128 bits

This rule will not raise issues for ciphers that are considered weak (no matter the key size) like DES, Blowfish.

Noncompliant Code Example

val keyPairGen1 = KeyPairGenerator.getInstance("RSA")
keyPairGen1.initialize(1024) // Noncompliant

val keyPairGen5 = KeyPairGenerator.getInstance("EC")
val ecSpec1 = ECGenParameterSpec("secp112r1") // Noncompliant
keyPairGen5.initialize(ecSpec1)

val keyGen1 = KeyGenerator.getInstance("AES")
keyGen1.init(64) // Noncompliant

Compliant Solution

val keyPairGen6 = KeyPairGenerator.getInstance("RSA")
keyPairGen6.initialize(2048) // Compliant

val keyPairGen5 = KeyPairGenerator.getInstance("EC")
val ecSpec1 = ECGenParameterSpec("secp256r1") // Compliant
keyPairGen5.initialize(ecSpec1)

val keyGen2 = KeyGenerator.getInstance("AES")
keyGen2.init(128) // Compliant

See

• OWASP Top 10 2021 Category A2 - Cryptographic Failures
• OWASP Top 10 2017 Category A3 - Sensitive Data Exposure
• OWASP Top 10 2017 Category A6 - Security Misconfiguration
• Mobile AppSec Verification Standard - Cryptography Requirements
• OWASP Mobile Top 10 2016 Category M5 - Insufficient Cryptography
• NIST 800-131A - Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
• MITRE, CWE-326 - Inadequate Encryption Strength