react-native-keychain icon indicating copy to clipboard operation
react-native-keychain copied to clipboard

Published 20 hours ago verified publisher icon oblador

Use AES with block mode GCM

Open matteodanelli opened this issue 2 years ago • 1 comments

Actually, the cipher created using AES is using block mode CBC. According to OWASP guidelines, it's better to use AES with block mode GCM, which is already available inside android.KeyProperties. GCM can prevent CBC attacks like Chosen Plaintext Attack(CPA) and Chosen Ciphertext Attack(CCA)

Are there any known limitations to switch to this?

matteodanelli avatar Jan 27 '23 14:01 matteodanelli