Crypto Vulnerability Scanner / Weak Ciphers
Weak Cipher Detection Tool
A weak cipher is an encryption algorithm or mode that no longer resists modern attacks: DES and 3DES (64-bit blocks, Sweet32), RC4 (keystream biases), Blowfish (64-bit blocks), AES in ECB mode, and CBC without integrity protection. Korthex finds every use across source code in 18 languages, dependencies, binaries, TLS configurations and databases, and proves weakness by emulation against NIST Known-Answer Tests instead of relying on pattern matching.
What counts as a weak cipher in 2026
- DES: a 56-bit key, brute-forceable on commodity hardware for decades
- 3DES: 64-bit blocks make it vulnerable to Sweet32 birthday attacks; NIST disallowed it for encryption after 2023
- RC4: keystream biases; prohibited in TLS by RFC 7465 since 2015
- Blowfish: 64-bit blocks, the same Sweet32 class as 3DES
- AES-ECB: identical plaintext blocks produce identical ciphertext, structure leaks through
- AES-CBC without integrity protection: padding-oracle territory; use an AEAD mode instead
- Weak randomness feeding key or IV material, which silently weakens even strong ciphers
Detection that follows the data
Regex-level scanners flag the call site and stop. Korthex follows the value: dataflow across 16 import hops, taint-classified key sources, and cross-file union-find clustering decide whether a weak primitive actually guards production data or sits in dead code and test fixtures. Extracted cryptography is then graded by emulation against NIST Known-Answer Tests, so weak means proven weak, with a side-channel timing verdict on top.
Replacement guidance
- Symmetric encryption: AES-256-GCM or ChaCha20-Poly1305 (AEAD) as the default replacements
- The migration plan orders every finding topologically with file:line, replacement algorithm, effort estimate and dependency order
- TLS: modern suite recommendations per finding, mapped to BSI TR-02102-2 and PCI-DSS 4.2.1
Keep weak ciphers from coming back
A one-time cleanup decays. The CI/CD gate fails builds when a diff or a dependency bump reintroduces a weak cipher, so detection turns into prevention on every commit.
Frequently asked questions
Is 3DES still allowed?
NIST disallowed 3DES for encryption after 2023 (legacy decryption remains permitted), and PCI DSS strong-cryptography guidance excludes it. Anything still encrypting with 3DES is a finding, not a preference.
Is AES-CBC weak?
CBC itself is not broken, but CBC without integrity protection enables padding-oracle attacks, and real-world usage regularly omits the MAC. Korthex flags CBC-without-integrity and recommends AEAD modes (AES-GCM, ChaCha20-Poly1305).
Does it scan binaries too?
Yes. The binary analyzer detects cipher usage in compiled artifacts, alongside source code in 18 languages, dependencies, TLS configurations and databases.
How are false positives handled?
Every finding carries a taint-based verdict: dataflow decides whether the cipher processes reachable, security-relevant data or lives in dead code and test fixtures, and the finding is prioritized accordingly.
Which languages are covered?
TypeScript, JavaScript, C#, Java, Python, Go, PHP, Ruby, Rust, Kotlin, Scala, C, C++, Swift, Dart, VB.NET, COBOL and Zig.