Closed tianjk99 closed 6 months ago
This library is an interface to an existing product, the developers of this library have no affiliation with the developers of the protocol. Indeed from a security standpoint, it was a poor cipher choice, but this is irrelevant as the protocol is implemented as designed.
Please check if there is any problem with using AES-ECB as the default encryption method.
This algorithm is known to have significant vulnerabilities that can be exploited by attackers, compromising the confidentiality and integrity of sensitive data. AES-ECB uses a fixed encryption key and does not incorporate an initialization vector (IV). As a result, it produces the same output for identical input blocks, making it susceptible to pattern recognition and exposing encrypted data patterns.