Open
Description
Is your feature request related to a problem? Please describe:
The current encryption implementation in UtilsEncryption uses PBKDF2WithHmacSHA1 to derive the encryption key from a passphrase. SHA-1 is no longer considered secure due to known vulnerabilities and successful collision attacks (e.g., SHAttered). Although PBKDF2 mitigates some of this risk via high iteration counts, using SHA-1 is discouraged in modern cryptographic applications.
Describe the solution you'd like:
Update the algorithm from:
```java
private static final String PBKDF2_ALGORITHM = "PBKDF2WithHmacSHA1";
```
to:
```java
private static final String PBKDF2_ALGORITHM = "PBKDF2WithHmacSHA256";
```
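Changing the PRF changes the derived key for the same passphrase and salt, so data encrypted under the SHA-1 derivation will not decrypt after a plain constant swap. The sketch below is an added example, not code from the issue or the project: it selects the PBKDF2 algorithm from a stored version tag so legacy data stays readable while new data uses SHA-256. The class name, version tags, iteration count, salt size and key length are assumptions.

```java
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;

public class KdfMigrationDemo {
    // Hypothetical version tags stored alongside each ciphertext (not from the project).
    static final int KDF_V1 = 1; // legacy data: PBKDF2WithHmacSHA1
    static final int KDF_V2 = 2; // new data:    PBKDF2WithHmacSHA256

    // Assumed parameters; the project's real values are not shown in the issue.
    static final int ITERATIONS = 100_000;
    static final int KEY_BITS = 256;

    static String algorithmFor(int version) {
        switch (version) {
            case KDF_V1: return "PBKDF2WithHmacSHA1";
            case KDF_V2: return "PBKDF2WithHmacSHA256";
            default: throw new IllegalArgumentException("unknown KDF version " + version);
        }
    }

    // Derive the key with the algorithm recorded for this piece of data.
    static byte[] deriveKey(int version, char[] passphrase, byte[] salt)
            throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance(algorithmFor(version))
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipe the spec's internal copy of the passphrase
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        char[] passphrase = "constructed-sample-passphrase".toCharArray(); // constructed input
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);

        byte[] legacyKey = deriveKey(KDF_V1, passphrase, salt);
        byte[] newKey = deriveKey(KDF_V2, passphrase, salt);

        // Same passphrase and salt, different PRF: the keys do not match, so
        // existing ciphertext must be read with V1 and re-encrypted under V2.
        System.out.println("keys differ: " + !Arrays.equals(legacyKey, newKey));
        System.out.println("key length (bytes): " + newKey.length);
    }
}
```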