Strong cipher algorithms are cryptographic systems resistant to cryptanalysis, they are not vulnerable to well-known attacks like brute force attacks for example.

A general recommendation is to only use cipher algorithms intensively tested and promoted by the cryptographic community.

More specifically for block cipher, it’s not recommended to use algorithm with a block size inferior than 128 bits.

Noncompliant Code Example

For System.Security.Cryptography library, these old cryptographic algorithms should no longer be used for any reason:

var tripleDES1 = new TripleDESCryptoServiceProvider(); // Noncompliant: Triple DES is vulnerable to meet-in-the-middle attack

var simpleDES = new DESCryptoServiceProvider(); // Noncompliant: DES works with 56-bit keys allow attacks via exhaustive search

var RC2 = new RC2CryptoServiceProvider(); // Noncompliant: RC2 is vulnerable to a related-key attack

For Bouncycastle library, AESFastEngine has a side channel leak, it is possible to gain information about the key used to initialize the cipher:

AesFastEngine aesFast = new AesFastEngine(); // Noncompliant

Compliant Solution

For System.Security.Cryptography library, it’s recommended to use AesCryptoServiceProvider:

var AES = new AesCryptoServiceProvider(); // Compliant

For Bouncycastle library, it’s recommended to use AESEngine:

var AES = new AESEngine(); // Compliant

See

• OWASP Top 10 2021 Category A2 - Cryptographic Failures
• OWASP Top 10 2017 Category A3 - Sensitive Data Exposure
• MITRE, CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
• SANS Top 25 - Porous Defenses