oblador / react-native-keychain

:key: Keychain Access for React Native
MIT License

Use AES with block mode GCM #587

Open matteodanelli opened 1 year ago

matteodanelli commented 1 year ago

Actually, the cipher created using AES is using block mode CBC. According to OWASP guidelines, it's better to use AES with block mode GCM, which is already available inside android.KeyProperties. GCM can prevent CBC attacks like Chosen Plaintext Attack (CPA) and Chosen Ciphertext Attack (CCA).

Are there any known limitations to switching to this?
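
The integrity difference behind this request, as an added example that is not part of the original issue and is not the library's code: unauthenticated AES-CBC accepts a modified IV and returns altered plaintext, while AES-GCM rejects modified ciphertext at decryption. It uses Node.js's built-in `crypto` module rather than the Android Keystore API; the key, the sample secret and all function names are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed sample secret, not data from the library.
const SECRET = Buffer.from('{"user":"alice","admin":false}', 'utf8');

function encryptCbc(key, pt) {
  const iv = nodeCrypto.randomBytes(16);
  const c = nodeCrypto.createCipheriv('aes-256-cbc', key, iv);
  return { iv, ct: Buffer.concat([c.update(pt), c.final()]) };
}

function decryptCbc(key, { iv, ct }) {
  const d = nodeCrypto.createDecipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([d.update(ct), d.final()]); // only padding is checked
}

function encryptGcm(key, pt) {
  const iv = nodeCrypto.randomBytes(12); // 96-bit nonce, must be unique per key
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(pt), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function decryptGcm(key, { iv, ct, tag }) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on tag mismatch
}

// Copy of buf with the lowest bit of one byte flipped (simulated storage tampering).
function flipBit(buf, index) {
  const out = Buffer.from(buf);
  out[index] ^= 0x01;
  return out;
}

function tamperCheck() {
  const key = nodeCrypto.randomBytes(32);
  const cbc = encryptCbc(key, SECRET);
  // CBC: a modified IV still decrypts cleanly, yielding altered plaintext.
  const cbcPlaintext = decryptCbc(key, { iv: flipBit(cbc.iv, 0), ct: cbc.ct }).toString('utf8');
  const gcm = encryptGcm(key, SECRET);
  let gcmRejected = false;
  try {
    decryptGcm(key, { ...gcm, ct: flipBit(gcm.ct, 0) });
  } catch (err) {
    gcmRejected = true; // authentication tag no longer matches
  }
  return { cbcPlaintext, gcmRejected };
}
```

`tamperCheck()` returns the altered plaintext that CBC accepted without error and a flag showing that GCM refused the modified ciphertext.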

BraveEvidence commented 1 year ago

This will help https://www.youtube.com/watch?v=J0OSn7s9YiA&list=PLQhQEGkwKZUrempLnmxjt7ZCZJu1W3p2i&index=15