From b1679b5819c4077843edd1c7bcf01fbfb6406bd4 Mon Sep 17 00:00:00 2001 From: Huang Wei Date: Thu, 30 Dec 2021 00:54:13 +0000 Subject: [PATCH] update en/contribute/OpenHarmony-security-design-guide.md. --- en/contribute/OpenHarmony-security-design-guide.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/en/contribute/OpenHarmony-security-design-guide.md b/en/contribute/OpenHarmony-security-design-guide.md index e7ef720f079..d96d0b99716 100644 --- a/en/contribute/OpenHarmony-security-design-guide.md +++ b/en/contribute/OpenHarmony-security-design-guide.md @@ -46,9 +46,9 @@ The following are some examples of insecure cipher algorithms: MD5, DES, 3DES (D (3) **java.security.SecureRandom** of the JDK (4) **/dev/random** file of Unix-like platforms -3-4 By default, use secure cipher algorithms and disable/prohibit insecure cipher algorithms. Use cipher algorithm libraries that are certified by authoritative organizations, recognized by open-source communities in the industry, or assessed and approved by Huawei +3-4 By default, use secure cipher algorithms and disable/prohibit insecure cipher algorithms. Use cipher algorithm libraries that are certified by authoritative organizations, recognized by open-source communities in the industry -**Description:** In the context of advances in cryptographic technologies and enhancement in computing capabilities, some cipher algorithms may become insecure. Using such algorithms may bring risks to user data. In addition, unknown flaws may exist in cipher algorithms that are developed by amateurs and not analyzed/verified by the industry. In this regard, use cipher algorithm libraries that are certified by authoritative organizations, recognized by open-source communities in the industry, or assessed and approved by Huawei. +**Description:** In the context of advances in cryptographic technologies and enhancement in computing capabilities, some cipher algorithms may become insecure. Using such algorithms may bring risks to user data. In addition, unknown flaws may exist in cipher algorithms that are developed by amateurs and not analyzed/verified by the industry. In this regard, use cipher algorithm libraries that are certified by authoritative organizations, recognized by open-source communities in the industry. **Example:** For examples of cipher algorithms, see 3-1. -- Gitee