Amplitude-Android icon indicating copy to clipboard operation
Amplitude-Android copied to clipboard

Published 20 hours ago verified publisher icon amplitude

Usage of weak crypto algorithms like MD5 in Amplitude-Android SDK

Open nidhi88 opened this issue 3 years ago • 0 comments

Summary

Our Penetration testing team has identified usage of weak crypto algorithms like MD5 in Amplitude-Android SDK and logged security vulnerability. What are the plans to migrate to the latest crypto algorithms? Can you please migrate to the latest crypto algorithms to mitigate this?

Recommendation: Utilize cryptographic hashing algorithms that are considered secure and advocated for in best practice recommendations. Guidance can be found for Android For more guidance on best practices in picking strong cryptography, please see OWASP's Cryptographic Storage Cheat Sheet.

Motivations

Security Vulnerability.

nidhi88 avatar Jan 18 '22 07:01 nidhi88