Crypho / cordova-plugin-secure-storage

Secure storage plugin for Apache Cordova
MIT License
278 stars, 269 forks

Usage of OAEP #165

Closed wurstbrot closed 5 years ago

wurstbrot commented 5 years ago

Hi,

this plugin uses RSA/ECB/PKCS1Padding for AES encryption, see https://github.com/Crypho/cordova-plugin-secure-storage/blob/master/src/android/RSA.java#L89 .

Because RSA with PKCS v1.5 is broken since 1998 [bleich], RSA should be used with Optimal Asymmetric Encryption Padding (OAEP) [point].

I am not a crypto expert, but have you thought about changing to OAEP?

[point] Pointcheval, David. "How to encrypt properly with RSA." CryptoBytes 5.1 (2002): 10-19.

[bleich] D. Bleichenbacher. A Chosen Ciphertext Attack against Protocols based on the RSA Encryption Standard PKCS #1. In Crypto '98, LNCS 1462, pages 1–12. Springer-Verlag, Berlin, 1998.
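For readers comparing the two paddings, the following is an added example (not code from this plugin or from the issue author) showing the RSA step that protects an AES key, first with the `RSA/ECB/PKCS1Padding` transformation the issue points at and then with RSA-OAEP. It assumes a plain in-memory RSA key pair generated with the JCE rather than the plugin's Android Keystore key; the class and method names are the example's own. The OAEP digest and MGF1 digest are passed through an explicit `OAEPParameterSpec`, because providers differ in which MGF1 digest they default to when only the transformation string is given, and a wrap produced with one default will not unwrap under another.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;

public class OaepKeyWrapExample {

    // Transformation the issue reports in RSA.java: PKCS #1 v1.5 padding.
    static final String PKCS1_V15 = "RSA/ECB/PKCS1Padding";
    // OAEP transformation; the digests are fixed explicitly by oaepParams() below.
    static final String OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Pin both the OAEP hash and the MGF1 hash so encrypt and decrypt sides agree
    // regardless of provider defaults (Conscrypt, Bouncy Castle, SunJCE).
    static OAEPParameterSpec oaepParams() {
        return new OAEPParameterSpec("SHA-256", "MGF1",
                MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
    }

    // Legacy path: RSA encryption of the raw AES key bytes with PKCS #1 v1.5.
    static byte[] encryptKeyPkcs1(KeyPair kp, SecretKey aesKey) throws Exception {
        Cipher c = Cipher.getInstance(PKCS1_V15);
        c.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        return c.doFinal(aesKey.getEncoded());
    }

    // Recommended path: RSA-OAEP with SHA-256 / MGF1-SHA-256 over the same key bytes.
    static byte[] encryptKeyOaep(KeyPair kp, SecretKey aesKey) throws Exception {
        Cipher c = Cipher.getInstance(OAEP);
        c.init(Cipher.ENCRYPT_MODE, kp.getPublic(), oaepParams());
        return c.doFinal(aesKey.getEncoded());
    }

    // Decrypt with the matching parameters and rebuild the AES key object.
    static SecretKey decryptKeyOaep(KeyPair kp, byte[] ciphertext) throws Exception {
        Cipher c = Cipher.getInstance(OAEP);
        c.init(Cipher.DECRYPT_MODE, kp.getPrivate(), oaepParams());
        return new SecretKeySpec(c.doFinal(ciphertext), "AES");
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical in-memory keys; the plugin itself keeps its RSA key in the
        // Android Keystore, which this example does not model.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();

        byte[] legacy = encryptKeyPkcs1(kp, aesKey);
        byte[] oaep = encryptKeyOaep(kp, aesKey);
        SecretKey recovered = decryptKeyOaep(kp, oaep);

        // Both ciphertexts are one RSA block (256 bytes for a 2048-bit key);
        // only the OAEP one is decrypted here, and it must round-trip exactly.
        System.out.println("PKCS#1 v1.5 ciphertext bytes: " + legacy.length);
        System.out.println("OAEP ciphertext bytes:        " + oaep.length);
        System.out.println("OAEP round-trip ok: "
                + Arrays.equals(aesKey.getEncoded(), recovered.getEncoded()));
    }
}
```

When migrating an existing install, the decrypt side has to keep accepting values that were written with the old padding until they have been re-encrypted under OAEP; a simple approach is to tag stored blobs with the padding they used and dispatch on that tag, rather than trying the OAEP decrypt and falling back to PKCS #1 v1.5 on failure.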

ggozad commented 5 years ago

Hey, A pull request would be welcome on this. OAEP is indeed a better choice. Could you please open a PR? That said, given android's security in general, the attack vectors that exist on cordova and the difficulty in performing a chosen ciphertext attack on this plugin I would think this is the least of your problems :)