Home

DES or 3DES Used

  • Vulnerability
  • - Critical

Description

  • DES or 3DES Used is a rule for encrypting data using the Data Encryption Standard (DES) or Triple DES (3DES) algorithms. DES is an older encryption algorithm that uses a 56-bit key to encrypt data, while 3DES is a more secure algorithm that uses three 56-bit keys for encryption. Both algorithms are widely used for encrypting data, especially for financial and government applications.

Key Benefits

  • High Security: DES and 3DES provide a high level of security, making them ideal for protecting sensitive data.
  • Efficient: DES and 3DES are very efficient algorithms, requiring minimal processing power and memory.
  • Widely Used: DES and 3DES are widely used in many applications, making them a reliable and trusted encryption method.

 

Non-compliant Code Example 

DECLARE
  DES_EXAMPLE PLS_INTEGER := 0;
  
BEGIN
 DES_EXAMPLE := DBMS_CRYPTO.ENCRYPT_DES         --Non compliant code (DES (Data Encryption Standard) is used)
                                     + DBMS_CRYPTO.CHAIN_CBC
                                     + DBMS_CRYPTO.PAD_NONE;

END;

Compliant Code Example

DECLARE
  DES_EXAMPLE PLS_INTEGER := 0;
  
BEGIN
 DES_EXAMPLE := DBMS_CRYPTO.ENCRYPT_AES256         --Compliant code
                                     + DBMS_CRYPTO.CHAIN_CBC
                                     + DBMS_CRYPTO.PAD_PKCS5;

END;
Visual Expert 2025
 VEPLSQLRULE2